Set up sensor-based automation for network appliances

Install and configure a sensor for automating certificate requests on load balancers

Automating certificate requests on network appliances such as load balancers requires a CertCentral sensor, the same software used for discovery scans.

Before you begin

Set up a sensor automation

  1. In your CertCentral account, in the left main menu, go to Automation > Manage automation.

  2. On the Manage automation page, select Add automation.

  3. On the Set up automation page, under the load balancers section, select Set up a sensor.

  4. On the Set up automation for load balancers page, select one of the following options:

    • I already have a sensor installed that can reach the target load balancers
      Use this option if you have a sensor running that can reach the target load balancers. Follow the configuration instructions to activate agentless automation on the sensor.
      Note: This supports SNI configuration only on F5 BIG-IP and AWS load balancers.
    • I don't have a sensor installed or need to install a new one
      Use this option if you do not already have a sensor installed or need to install once to reach the target load balancers. See the sensor installation steps for details.
      Once you install and activate the sensor, follow the configuration instructions to activate agentless automation on the sensor.
  5. Go back to Automation > Manage automation.

  6. On the Manage automation page , select the name of the agentless automation you just configured.

  7. Review and make sure the host details are correct.

  8. F5 BIG-IP load balancers: Select Private key security type to specify the storage of your private keys.

    • Normal: Store the private key in the F5 BIG-IP load balancer itself.
    • FIPS: Store the private key in the Federal Information Processing Standards (FIPS) enabled module of the F5 BIG-IP load balancer.
    • NetHSM: Store the private key in the Hardware Security Module (HSM) device connected to the F5 BIG-IP load balancer.
  9. Automating DV certificate installations: When automating a DV certificate, select DNS integration or provider for the validation of the DNS challenge to prove the ownership of the domains.

    The list includes all the integrations added to the sensor.

    Important: DNS integrations or providers in the list marked Critical had issues in the past while setting the DNS challenge. They may fail again. We recommend you select another integration or provider for successful validation.

  10. Select Save.

Related topics: