See below for creating a source that imports certificates from an F5 BIG-IP certificate management service.
To create a F5 BIG-IP source
- Log in as an administrator with either:
- The global_admin role.
- A <user_defined> role with permission to create sources.
- Go to Automate > Sources.
- Click Create to configure the following settings.
- Click Verify for Certificate Manager to verify all the settings. Some plugins might ask for additional configuration settings after verification.
Label
A descriptive name of the source.
Mandatory: Yes
Owner
The username of the source owner. The user who creates the source is automatically made the owner of both the source and the source certificates.
You can later edit this field and assign ownership to someone else.
Description
A description of the source purpose.
Mandatory: No
Authorization Tags
A list of authorization tags. The Custom Roles with any of these tags will grant permissions on the source.
Mandatory: No
Select Source Type
Select Azure-KeyVault-Source-Plugin.
Mandatory: Yes
Host
The URL of the F5 BIG-IP server host. For example:
https://f5.entrust.com
Mandatory: Yes
Port
The port for accessing the F5 BIG-IP service.
The default F5 BIG-IP port is 443.
Mandatory: Yes
Partition/Path
The partition and path, in the following syntax
<partition>/<path>
Where:
<partition>
is the name of a F5 BIG-IP server partition.The user must have access to this partition.
<path>
is the path of a subdirectory within the partition.
Both values are case sensitive.
Mandatory: Yes
Username
The username for authenticating in the F5 BIG-IP server.
The selected user must have an administrator role for the given partition in the F5 BIG-IP server.
Mandatory: Yes
Password
The password for authenticating to the F5 BIG-IP server.
Mandatory: Yes
Host CA Bundle (PEM)
The certification chain of the F5 BIG-IP server, as a bundle in PEM format.
Mandatory: Yes
Enable hostname verification
Check this box for validating the F5 BIG-IP server certificate in each connection.