This script will import all supported SSL Certificate, Key & CRL that exist as unmanaged objects on this BIG-IQ which can be found on the target BIG-IP.

Steps performed by the script:

  • Gather certificate and key metadata (including cache-path) from BIG-IPs
  • Download certificate and key file data from BIG-IPs
  • Upload certificate and key file data to BIG-IQ

Discover and import LTM services before using this script.
The target BIG-IP will be accessed over ssh using the BIG-IP root account.

The script must be installed in BIG-IQ under /shared/scripts:
# mkdir /shared/scripts
# chmod +x /shared/scripts/

Command example:
# ./ <big-ip IP address>

​Enter the root user's password if prompted.

Allowed command line options:
    -h                show this help message and exit
    -l                 LOG_FILE, log to the given file name
    --log-level   {debug,info,warning,error,critical}, set logging to the given level (default: info)
    -p PORT     BIG-IP  ssh port (default: 22)

Configuration > Certificate Management > Certificates & Keys

Before running the script:


After running the script:


Location of the scripts on GitHub: