Use the following procedure to configure agentless settings for F5 BIG-IP load balancers.
Log in to the sensor host.
Go to the sensor CLI directory.
Where install_dir is the installation directory for the sensor.
./addagentless.sh -type BIGIP
addagentless.bat -type BIGIP
docker exec -it <container-id/name> cli/addagentless.sh -type BIGIP
When you enter the command, a series of prompts appears for each setting you need to enter. At each prompt, enter the specific settings for your load balancer and press Return.
docker ps command to get the container name or ID and its operating status.
There are two ways to configure the agentless on docker:
docker exec -it <container-id/name> cli/addagentless.sh -type BIGIPcommand.
docker exec -it <container-id/name> bashcommand to get a bash shell in the container.
cli/addagentless.sh -type BIGIPcommand.
addagentless.bat -type BIGIP
Sensor CLI. Copyright 2020, DigiCert Inc. Add or change login credentials and specify data IP addresses for certificate automation. Enter management IP address:10.141.17.192 Enter Management Port:443 If available, do you want to map this sensor with the previously voided load balancer (Y/N)?:N Enter web service username: admin Enter web service password: Confirm web service password: Successfully added or changed the agentless automation. This applies to the following HA Pair peers : Management IP: 10.141.17.192 (ACTIVE) Starting agentless configuration for this host. Go to Automated IPs in CertCentral to finish configuring host details and set up automation.
Once the agentless is added and configured, the sensor automatically collects information on IP/ports that can be automated.
For successful automation,
Make sure to select only supported network protocols when configuring virtual IPs.
Note: The UDP protocol does not support automation. Virtual IPs configured using UDP protocols will be filtered and cannot be discovered.
For Virtual Servers configured with iApp templates, disable Strict Updates for successful automation. In the F5 console, go to the iApps Application Services folder and clear the Strict Updates check box.
For your Virtual Server configuration, do not add a Destination Address/Mask. Automation cannot identify a destination address specified as xxx.xxx.xxx.xxx/0. The address will appear as 0.0.0.0. Such IPs cannot be automated.
DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.
©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.