See below for creating a source that imports certificates from an F5 BIG-IP certificate management service.

To create a F5 BIG-IP source

  1. Log in as an administrator with either:
  2. Go to Automate > Sources.
  3. Click Create to configure the following settings. 
  4. Click Verify for Certificate Manager to verify all the settings. Some plugins might ask for additional configuration settings after verification.

Label

A descriptive name of the source.​

Mandatory: Yes

Owner

The username of the source owner. The user who creates the source is automatically made the owner of both the source and the source certificates.

You can later edit this field and assign ownership to someone else. 

Description

A description of the source purpose.

Mandatory: No

Authorization Tags

A list of authorization tags. The Custom Roles with any of these tags will grant permissions on the source.

Mandatory: No

Select Source Type

Select Azure-KeyVault-Source-Plugin.

Mandatory: Yes

Host

The URL of the F5 BIG-IP server host. For example:

https://f5.entrust.com

Mandatory: Yes

Port

The port for accessing the F5 BIG-IP service. 

The default F5 BIG-IP port is 443.

Mandatory: Yes

Partition/Path

The partition and path, in the  following syntax

<partition>/<path>

Where:

  • <partition> is the name of a F5 BIG-IP server partition. 

    The user must have access to this partition.

  • <path>  is the path of a subdirectory within the partition.

Both values are case sensitive.

Mandatory: Yes

Username

The username for authenticating in the F5 BIG-IP server. 

The selected user must have an administrator role for the given partition in the F5 BIG-IP server.

Mandatory: Yes

Password

The password for authenticating to the F5 BIG-IP server.

Mandatory: Yes

Host CA Bundle (PEM)

The certification chain of the F5 BIG-IP server, as a bundle in PEM format.

Mandatory: Yes

Enable hostname verification

Check this box for validating the F5 BIG-IP server certificate in each connection.