ab#52646

F5WafOrchestrator/CA/Management.cs

@@ -50,7 +50,7 @@ public JobResult ProcessJob(ManagementJobConfiguration config)
                     break;
                 case CertStoreOperationType.Remove:
                     _logger.LogDebug($"BEGIN Delete Operation for {config.CertificateStoreDetails.StorePath} on {config.CertificateStoreDetails.ClientMachine}.");
-                    F5Client.RemoveCaCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias);
+                    F5Client.RemoveCaOrTlsCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias, false);
                     _logger.LogDebug($"END Delete Operation for {config.CertificateStoreDetails.StorePath} on {config.CertificateStoreDetails.ClientMachine}.");
                     break;
                 default:

F5WafOrchestrator/F5WafClient.cs

@@ -502,42 +502,13 @@ public CaPostRoot FormatCaCertificateRequest(ManagementJobCertificate mgmtJobCer
         return reqBody;
     }
 
-    public void RemoveTlsCertificate(string f5Namespace, string certName)
+    public void RemoveCaOrTlsCertificate(string f5Namespace, string certName, bool isTLSCertificate)
     {
         _logger.MethodEntry(LogLevel.Debug);
 
-        var response = F5Client.DeleteAsync($"/api/config/namespaces/{f5Namespace}/certificates/{certName}");
-        response.Wait();
-        var stringResponse = response.Result.Content.ReadAsStringAsync();
-        stringResponse.Wait();
-
-        //parse status code for error handling
-        string statusCode = string.Empty;
-        string[] respMessage = response.Result.ToString().Split(',');
-        for (int i = 0; i < respMessage.Length; i++)
-        {
-            if (respMessage[i].Contains("StatusCode:"))
-            {
-                statusCode = respMessage[i].Trim().Substring("StatsCode: ".Length).Trim();
-                break;
-            }
-        }
-
-        if (statusCode != "200")
-        {
-            var errorMessage = response.Result.Content.ReadAsStringAsync();
-            errorMessage.Wait();
-            throw new F5WAFException(errorMessage.ToString());
-        }
-
-        _logger.MethodExit(LogLevel.Debug);
-    }
-
-    public void RemoveCaCertificate(string f5Namespace, string certName)
-    {
-        _logger.MethodEntry(LogLevel.Debug);
+        string certType = isTLSCertificate ? "certificates" : "trusted_ca_lists";
 
-        var response = F5Client.DeleteAsync($"/api/config/namespaces/{f5Namespace}/trusted_ca_lists/{certName}");
+        var response = F5Client.DeleteAsync($"/api/config/namespaces/{f5Namespace}/{certType}/{certName}");
         response.Wait();
         var stringResponse = response.Result.Content.ReadAsStringAsync();
         stringResponse.Wait();
@@ -776,6 +747,8 @@ public bool JobCertIsAttachedToHttpLoadBalancer(string f5Namespace, string jobCe
 
     private string SubmitGetRequest(string endpoint)
     {
+        _logger.MethodEntry(LogLevel.Debug);
+
         var response = F5Client.GetAsync(endpoint).Result;
         var result = response.Content.ReadAsStringAsync().Result;
 
@@ -790,6 +763,8 @@ private string SubmitGetRequest(string endpoint)
             throw new F5WAFException(errorMessage);
         }
 
+        _logger.MethodExit(LogLevel.Debug);
+
         return result;
     }
 

F5WafOrchestrator/TLS/Management.cs

@@ -78,7 +78,7 @@ private void PerformTlsCertRemove(ManagementJobConfiguration config)
                 "The job cert is bound to an http load balancer. Must unbind before performing management job.");
         }
 
-        F5Client.RemoveTlsCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias);
+        F5Client.RemoveCaOrTlsCertificate(config.CertificateStoreDetails.StorePath, config.JobCertificate.Alias, true);
 
         _logger.MethodExit(LogLevel.Debug);
     }