From the DigiCert® Trust Lifecycle Manager Inventory view, you can request and install new certificates to any F5 BIG-IP LTM virtual IPs that do not currently have certificates installed.
Aviso
To manage lifecycles of existing certificates on an F5 appliance, see Manage and renew existing certificates.
To request certificate issuance and installation on an unsecured IP/port target on a connected F5 appliance:
From the Trust Lifecycle Manager main menu, select Inventory.
Use the View inventory functions to display the unsecured IP/port endpoint where you want to install the certificate. You can use the Unsecured system view, or one of your saved custom views.
Hover the Common name column for the endpoint where you want to install the certificate, open the actions (three dots) menu on the right, and select Request certificate.
Importante
The IP/port target you select must have an automation status of Configured. If not, check the configuration of the F5 connector.
Fill out the Automation request form:
Choose profile: Select one of the available certificate automation profiles for the type of certificate you want to issue.
Certificate information: Add the common name and any additional order options for the certificate.
Schedule certificate automation: Select whether to run the lifecycle management action now or schedule it for a later date and time.
Auto-renew: (Optional) Select any auto-renewal options for the certificate. These options will apply to this certificate only and override any auto-renew options configured in the certificate profile.
Scripts: (Optional, for web servers only) For F5 appliances, skip this section.
Tags: (Optional) Apply one or more tags to the issued certificate to help identify it in Trust Lifecycle Manager for management and tracking purposes.
Select the checkbox at bottom to acknowledge acceptance of the Certificate Services Agreement.
Select Submit to finalize the certificate automation request.