Configure the following settings in the General form of the Renewal wizard.
Owner
The email address of the person responsible for the certificate – for example, the Web server operator.
Description
A brief description of the certificate purpose.
<custom>
Business-specific Custom Fields defined by your organization.
Access Tags
One or several Certificate Access Tags.
Certificate Roles with any of these tags will grant permissions on the certificate.
Certificate Authority
The certificate authority that issues the certificate. See Authorities for how to register certificate authorities.
Certificate Profile
The certificate profile the certificate authority applies to issue the certificate. For certificates to be published in Destinations, consider the following profile limitations.
Destination | Limitations |
|---|---|
Apache | Requires a certificate profile with "Web Server" or dual usage (key encipherment and digital signature). |
Azure | Does not support issuing certificates from a CSR. |
Nginx | Requires a certificate profile with "Web Server" or dual usage (key encipherment and digital signature). |
The selected certificate profile must be configured in CA Gateway for the Certificate Authority.
Use a key manager (KMS) to generate the key pair
To generate the certificate key pair with a key manager, check this box and select a key manager from the Key Manager list.
For the key managers described in Creating a F5 BIG-IP key manager, also configure the settings in the table below.
Setting | Value |
|---|---|
Client SSL Profile | A BIG-IP Client SSL profile |
Server SSL Profile | A BIG-IP Server SSL profile |
See Key Managers for creating key managers and techdocs.f5.com for a reference of the supported BIG-IP Client SSL profiles.