Create this destination to store the issued certificates on F5 BIG-IP.
BIG-IP by F5 provides a secure vault to store passwords and passphrases.
To create a BIG-IP destination in Certificate Manager
- Log in as an administrator with one of the following roles:
- The global_admin role.
- A <user_defined> role with permission to create destinations.
- Go to Automate > Destinations.
- Click Create to configure the following settings.
- Click Verify to check the connection with the destination.
Label
A descriptive name of the destination.
Owner
The username of the destination owner.
The user who adds the destination is automatically made the owner. You can later edit this field and assign ownership to someone else.
Description
A description of the destination purpose.
Authorization Tags
A list of authorization tags. The Custom Roles with any of these tags will grant permissions on the source.
Select Destination Type
Select the following value.
F5-BIG-IP-Destination-Plugin
Host
The URL of the F5 BIG-IP server host. For example:
https://f5.entrust.com
Mandatory: Yes
Port
The port for accessing the F5 BIG-IP service.
The default F5 BIG-IP port is 443.
Mandatory: Yes
Partition/Path
The partition and path, in the following syntax
<partition>/<path>
Where:
<partition>
is the name of a F5 BIG-IP server partition.The user must have access to this partition.
<path>
is the path of a subdirectory within the partition.
Both values are case sensitive.
Mandatory: Yes
Username
The username for authenticating in the F5 BIG-IP server.
The selected user must have an administrator role for the given partition in the F5 BIG-IP server.
Mandatory: Yes
Password
The password for authenticating to the F5 BIG-IP server.
Mandatory: Yes
Host CA Bundle (PEM)
The certification chain of the F5 BIG-IP server, as a bundle in PEM format.
Mandatory: Yes
Enable hostname verification
Check this box for validating the F5 BIG-IP server certificate in each connection.