Create this destination to store the issued certificates on F5 BIG-IP. 

BIG-IP by F5 provides a secure vault to store passwords and passphrases.

To create a BIG-IP destination in Certificate Manager

  1. Log in as an administrator with one of the following roles:
  2. Go to Automate > Destinations.
  3. Click Create to configure the following settings.  
  4. Click Verify to check the connection with the destination.

Label

A descriptive name of the destination.

Owner

The username of the destination owner. 

The user who adds the destination is automatically made the owner. You can later edit this field and assign ownership to someone else. 

Description

A description of the destination purpose.

Authorization Tags

A list of authorization tags. The Custom Roles with any of these tags will grant permissions on the source.

Select Destination Type

Select the following value.

F5-BIG-IP-Destination-Plugin

Host

The URL of the F5 BIG-IP server host. For example:

https://f5.entrust.com

Mandatory: Yes

Port

The port for accessing the F5 BIG-IP service. 

The default F5 BIG-IP port is 443.

Mandatory: Yes

Partition/Path

The partition and path, in the  following syntax

<partition>/<path>

Where:

  • <partition> is the name of a F5 BIG-IP server partition. 

    The user must have access to this partition.

  • <path>  is the path of a subdirectory within the partition.

Both values are case sensitive.

Mandatory: Yes

Username

The username for authenticating in the F5 BIG-IP server. 

The selected user must have an administrator role for the given partition in the F5 BIG-IP server.

Mandatory: Yes

Password

The password for authenticating to the F5 BIG-IP server.

Mandatory: Yes

Host CA Bundle (PEM)

The certification chain of the F5 BIG-IP server, as a bundle in PEM format.

Mandatory: Yes

Enable hostname verification

Check this box for validating the F5 BIG-IP server certificate in each connection.