Configure sensor (agentless) automation settings for an F5 BIG-IP load balancer

Use the following procedure to configure agentless settings for F5 BIG-IP load balancers.

Configure agentless settings for F5 BIG-IP load balancers

  1. Log in to the sensor host.

  2. Go to the sensor CLI directory.

    cd install_dir/cli

    Where install_dir is the installation directory for the sensor.

  3. Run the addagentless command.

    • On Linux:

    ./ -type BIGIP

    • On Windows:

    addagentless.bat -type BIGIP

    • On Docker:

    docker exec -it <container-id/name> cli/ -type BIGIP

    When you enter the command, a series of prompts appears for each setting you need to enter. At each prompt, enter the specific settings for your load balancer and press Return.

The login password of the appliance you created on its respective console must meet the DigiCert password requirements so it will work with automation.

The password must contain lower and upper case letters, numbers, or symbols.

Allowed symbols: ~!@#$%^&*()_+`-={}[]|;:'"<>,./?

Run the docker ps command to get the container name or ID and its operating status.

There are two ways to configure the agentless on docker:

  1. Without signing in to the docker sensor container:
    Run the docker exec -it <container-id/name> cli/ -type BIGIP command.
  2. By signing in the docker sensor container:
    1. Run the docker exec -it <container-id/name> bash command to get a bash shell in the container.
    2. Go to the sensor installation directory and run the cli/ -type BIGIP command.

For example:

addagentless.bat -type BIGIP

Sensor CLI. Copyright 2020, DigiCert Inc.
Add or change login credentials and specify data IP addresses for certificate automation.
Enter management IP address:
Enter Management Port:443
If available, do you want to map this sensor with the previously voided load balancer (Y/N)?:N
Enter web service username: admin
Enter web service password:
Confirm web service password:
Successfully added or changed the agentless automation. This applies to the following HA Pair peers :
Management IP:  (ACTIVE)
Starting agentless configuration for this host. Go to Automated IPs in CertCentral to finish configuring host details and set up automation.

Once the agentless is added and configured, the sensor automatically collects information on IP/ports that can be automated.

For successful automation,

  1. Make sure to select only supported network protocols when configuring virtual IPs.

    Note: The UDP protocol does not support automation. Virtual IPs configured using UDP protocols will be filtered and cannot be discovered.

  2. For Virtual Servers configured with iApp templates, disable Strict Updates for successful automation. In the F5 console, go to the iApps Application Services folder and clear the Strict Updates check box.

  3. For your Virtual Server configuration, do not add a Destination Address/Mask. Automation cannot identify a destination address specified as The address will appear as Such IPs cannot be automated.