Skip to main content

View discovered certificates and endpoints

When you connect to an F5 BIG-IP LTM appliance, DigiCert​​®​​ Trust Lifecycle Manager discovers existing certificates and virtual IPs on the appliance and adds them to your Inventory, where you can view and manage them.

Your Inventory includes all current assets in your Trust Lifecycle Manager account. To filter and view just the assets on the connected F5 appliance, use the functions described below.

View F5 assets in inventory

On the Inventory page, you can make selections to filter and list specific assets on an F5 appliance. You can save your custom views and download the applicable records in CSV format.

System views

Use the dropdown menu above the Inventory table to switch between the default system views and any saved custom views. The following system views include assets associated with connected F5 appliances:

System view

Description

Unique certificates (default)

All unique certificates in your account, identified by their thumbprint, regardless of the number of locations where they are installed or appear. This is the default view when you first access the Inventory page.

All certificates

All known certificates, regardless of issuer or source.

Certificates expiring in 30 days

All known certificates, regardless of issuer or source, with an expiration date in the next 30 days.

Managed Automation

All certificates currently under management or available to be placed under management by Trust Lifecycle Manager's certificate lifecycle automation tools.

Discovery

All certificates issued outside of your account and discovered or imported into Trust Lifecycle Manager.

Unsecured

All discovered IP/port endpoints that do not currently have a certificate installed on them or that have certificate discovery errors.

Apply inventory filters

After loading an inventory view, apply filters to further refine which records are included.

To apply a filter:

  1. Select the filter icon next to any of the current table headers to filter by that field.

  2. Use the filter input to select or enter a value to filter by. Input types include:

    • Text input: Enter a single value or comma-separated list of values.

    • Dropdown: Select a value. Some dropdowns have checkboxes so you can select multiple values.

    • Calendar: Select a date.

To apply multiple filters at once:

  1. Select the Additional filters and columns icon on the top-right of the inventory table.

  2. Select the Additional filters option.

  3. Enter selections for one or more filters to apply those filters. When you're done, select the "X" button on the top-right of the filters overlay to close it. If you can't see the "X" button, select the right-arrow button on the right sidebar to hide it.

Tip

Your account dashboard includes shortcuts that launch pre-filtered inventory views of certificates with different expiration dates, issuing CA vendors, statuses, security ratings, and similar criteria.

Update inventory columns

To add or remove fields from the inventory table, update the table columns:

  1. Select the Additional filters and columns icon on the top-right of the inventory table.

  2. Select the Add columns option.

  3. Select columns to include, or deselect columns to exclude. Your updates get applied immediately. When you're done, select anywhere outside of the Add columns menu to hide it.

Relevant filters for F5 assets

The following columns and filters can help identify inventory assets associated with a connected F5 network appliance. If a particular column is not already present, add it to the table as described above.

Column header

FIlter value

Application

F5 BIG-IP LTM

Connector

Enter the full or partial Name of the F5 connector as shown on the Integrations > Connectors page.

IP/FQDN

Enter the IP address of an F5 virtual IP endpoint.

Port

Enter the port number of an F5 virtual IP endpoint.

Save custom views

When you modify the inventory table by applying filters or customizing the table columns, you can save your updates as a custom view. You can then launch that saved view at any time by opening the dropdown menu above the inventory table and selecting it under My views.

To save the current inventory table settings and filters as a custom view:

  1. Select Manage view from the sidebar on the right. If the sidebar is not visible, select the left-arrow button on the sidebar to open it.

  2. In the Manage view sidebar, open the Current view actions tab and select the action to Save as new view.

  3. Give the view a nickname.

  4. (optional) Select the checkbox if you want to make this the default view when you first launch the Inventory page.

  5. Select the Save button to save the custom view.

Tip

When you make changes to the current inventory table, Trust Lifecycle Manager shows a green dot indicator on the sidebar on the right. This signals that you have customized the table, but have not yet saved your changes as a custom view.

Download inventory CSV file

After displaying the inventory records you're interested in, you can download them as comma-separated values (CSV) data by selecting the Reports function on the right side of the Inventory screen. Download options:

  • Create custom report: Apply additional filters before downloading the data.

  • Instant download: Download the records as they appear in the current inventory view.

Certificate details

After loading a certificate into Inventory, select the common name to view complete details for it. Use the tabs below the summary info to see different types of information about the certificate.

Certificate details tab

Information included

Certificate

  • Properties: All known properties for the certificate including the subject DN, SANs, issuing CA, serial number, thumbprint, cryptographic algorithms and key sizes.

  • Deployment: Details about where the certificate is installed including IP/port endpoints, application, and connector.

Automation

Lifecycle automation settings for the certificate. For certificates that are eligible for automation but not currently under management, you can enable automated lifecycle management here.

Security

  • Certificate security: Current security ratings calculated for the certificate. Select the link to open a siderail with more details about issues found and used to calculate these ratings.

  • Server security: For actively deployed certificates, this section includes security-related details for the server or application where the certificate is installed. Select the links for more details.

Additional details

Additional details about the certificate including the applicable business unit and seat type in Trust Lifecycle Manager and when the certificate was first discovered and last updated.

What's next

Use the email notifications function in Trust Lifecycle Manager to keep admins informed when the certificates on a connected F5 appliance are nearing expiration.

publicatie datum: