f5-appsvcs-extension

Need AS3 to load HSM keys into non-Common partitions

Open pmscheffler opened this issue 3 years ago • 3 comments

On devices where AS3 has been extensively used, partitions are also typically a normal way of managing the device. Currently, there's no ability to specify a key in an AS3 declaration which is not in the Common partition.

The documentation specifies the path be:

```json
{
  "class" : "certificate",
  "certificate" : { "bigip" : "/Common/default.crt" },
  "key" : { "bigip" : "/Common/default.key" }
}
```

But nothing other than "/Common/" is accepted. The declaration should accept any available partition on the device.

pmscheffler avatar Dec 07 '21 14:12 pmscheffler

Adding to this, I created a new key in a new partition:

```
[admin@f5vm01:Active:Standalone] ~ # ls -lsR /config/filestore/files_d/test-partition-1_d
/config/filestore/files_d/test-partition-1_d:
total 8
4 drwxr-xr-x. 2 root root 4096 Dec 13 18:14 certificate_d
4 drwxr-xr-x. 2 root root 4096 Dec 13 18:13 certificate_key_d

/config/filestore/files_d/test-partition-1_d/certificate_d:
total 4
4 -rw-r--r--. 1 root apache 713 Dec 13 18:14 :test-partition-1:test-1-key-ecdsa_63742_1

/config/filestore/files_d/test-partition-1_d/certificate_key_d:
total 4
4 -rw-r-----. 1 root webservices 241 Dec 13 18:13 :test-partition-1:test-1-key-ecdsa_63739_1
```

So we would need the AS3 to look like:

```json
{
  "class" : "certificate",
  "certificate" : { "bigip" : "/test-partition-1/test-1-key-ecdsa" },
  "key" : { "bigip" : "/test-partition-1/test-1-key-ecdsa" }
}
```

pmscheffler avatar Dec 13 '21 18:12 pmscheffler
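The two comments above describe the same failure mode from both ends: a `bigip` pointer in the declaration, and the object it is supposed to name in the BIG-IP filestore. The following is an added example (editor's code, not AS3 or F5 code) that pre-checks a declaration offline before it is POSTed: it parses filestore paths of the form shown in the `ls` output, indexes them as tmsh-style `/partition/name` objects, and reports every `bigip` pointer that is malformed, names a missing certificate or key, or sits outside the partitions AS3 accepts (the thread reports only `/Common/`, which is the default here and can be widened). The sample declaration, the `/Common/default.*` filestore entries and their IDs are constructed; the thread abbreviates the key property as `key`, and the checker also recognises `privateKey`, the property name in AS3's `Certificate` class.

```python
"""Pre-check the `bigip` pointers in an AS3 declaration against the filestore.

Added example, not AS3 or F5 code. Filestore files are expected to be named
  /config/filestore/files_d/<partition>_d/<kind>_d/:<partition>:<name>_<id>_<rev>
as in the ls output in the thread. All sample data below is constructed.
"""
import re
from typing import Dict, Iterator, List, Optional, Tuple

# One filestore path -> partition, object kind (certificate / certificate_key), name.
FILESTORE_RE = re.compile(
    r"^/config/filestore/files_d/(?P<dir>[^/]+)_d/"
    r"(?P<kind>certificate|certificate_key)_d/"
    r":(?P<partition>[^:]+):(?P<name>.+)_(?P<id>\d+)_(?P<rev>\d+)$"
)
# tmsh-style object pointer, e.g. /test-partition-1/test-1-key-ecdsa.
POINTER_RE = re.compile(r"^/(?P<partition>[^/]+)/(?P<name>[^/]+)$")

# Which declaration property is expected to point at which kind of object.
# "key" is the thread's shorthand; AS3's Certificate class uses "privateKey".
KIND_BY_PROPERTY = {
    "certificate": "certificate",
    "chainCA": "certificate",
    "key": "certificate_key",
    "privateKey": "certificate_key",
}


def parse_filestore_path(path: str) -> Optional[Tuple[str, str]]:
    """Return (kind, '/partition/name') for a cert/key filestore file, else None."""
    m = FILESTORE_RE.match(path)
    if not m or m.group("dir") != m.group("partition"):
        return None  # not a cert/key file, or directory and name disagree
    return m.group("kind"), f"/{m.group('partition')}/{m.group('name')}"


def index_filestore(paths: List[str]) -> Dict[Tuple[str, str], str]:
    """Map (kind, '/partition/name') -> filestore path for every recognised file."""
    index: Dict[Tuple[str, str], str] = {}
    for p in paths:
        parsed = parse_filestore_path(p)
        if parsed:
            index[parsed] = p
    return index


def find_bigip_pointers(node, prop: str = "", path: Tuple[str, ...] = ()) -> Iterator[Tuple[str, str, str]]:
    """Yield (json path, enclosing property, pointer) for each {"bigip": "..."}."""
    if isinstance(node, dict):
        if isinstance(node.get("bigip"), str):
            yield "/".join(path), prop, node["bigip"]
        for k, v in node.items():
            yield from find_bigip_pointers(v, k, path + (k,))
    elif isinstance(node, list):
        for i, v in enumerate(node):
            yield from find_bigip_pointers(v, prop, path + (str(i),))


def lint_declaration(decl, filestore_paths, allowed_partitions=("Common",)):
    """Return [(json path, pointer, problem)]; an empty list means no issues found."""
    index = index_filestore(filestore_paths)
    findings = []
    for json_path, prop, pointer in find_bigip_pointers(decl):
        m = POINTER_RE.match(pointer)
        if not m:
            findings.append((json_path, pointer, "not a /partition/name pointer"))
            continue
        kind = KIND_BY_PROPERTY.get(prop)
        if kind and (kind, pointer) not in index:
            findings.append((json_path, pointer, f"no {kind} object in filestore"))
        if m.group("partition") not in allowed_partitions:
            allowed = ", ".join(f"/{p}/" for p in allowed_partitions)
            findings.append((json_path, pointer, f"partition outside {allowed}"))
    return findings


# Constructed sample: the test-partition-1 files from the thread plus an
# invented /Common/default pair (IDs made up).
SAMPLE_FILESTORE = [
    "/config/filestore/files_d/Common_d/certificate_d/:Common:default.crt_63033_1",
    "/config/filestore/files_d/Common_d/certificate_key_d/:Common:default.key_63035_1",
    "/config/filestore/files_d/test-partition-1_d/certificate_d/:test-partition-1:test-1-key-ecdsa_63742_1",
    "/config/filestore/files_d/test-partition-1_d/certificate_key_d/:test-partition-1:test-1-key-ecdsa_63739_1",
]

# Constructed sample declaration: one /Common pair, the non-Common pair the
# thread asks for, and one object with a missing cert and a malformed pointer.
SAMPLE_DECLARATION = {
    "class": "ADC",
    "schemaVersion": "3.0.0",
    "Tenant1": {
        "class": "Tenant",
        "App1": {
            "class": "Application",
            "template": "generic",
            "commonCert": {
                "class": "Certificate",
                "certificate": {"bigip": "/Common/default.crt"},
                "privateKey": {"bigip": "/Common/default.key"},
            },
            "partitionCert": {
                "class": "Certificate",
                "certificate": {"bigip": "/test-partition-1/test-1-key-ecdsa"},
                "privateKey": {"bigip": "/test-partition-1/test-1-key-ecdsa"},
            },
            "typoCert": {
                "class": "Certificate",
                "certificate": {"bigip": "/Common/missing.crt"},
                "privateKey": {"bigip": "Common/default.key"},
            },
        },
    },
}

if __name__ == "__main__":
    for json_path, pointer, problem in lint_declaration(SAMPLE_DECLARATION, SAMPLE_FILESTORE):
        print(f"{json_path}: {pointer}: {problem}")
```

Run against the sample with the default `/Common/`-only rule, the checker flags both `partitionCert` pointers as outside the accepted partition, the missing `/Common/missing.crt`, and the pointer with no leading slash; passing `allowed_partitions=("Common", "test-partition-1")` leaves only the last two, which is what the declaration in the comment above would need once AS3 accepts other partitions. On a real device the filestore list would come from `find /config/filestore/files_d -type f`.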

Have another case where AS3 should work in conjunction with HSM. Certificates can only be created in /Common; this is currently a manual process. Not being able to provide this through AS3 is a shortcoming, and on top of that, BIG-IP and AS3 should be able to handle certificates in non-/Common partitions.

gwolfis avatar Jun 02 '22 16:06 gwolfis