Renewing 100+ SSL Certificates - Easier way?

Question

Is there a way to renew/generate the csr files and the import the new certificates from the command line?

I have about 100+ certificates that need to be renewed this week and would like to script this, I plan on updating the all the client and server profiles to use the new intermediate keys via the command line, but it'd be nice if I could create and import the certs as well...

Anyone have any suggestions besides the web gui, icontrol...

hamish · Answer

You can use openssl to create the key pairs and CSR's. As long as you put the files into the correct subdirectories (And have them in the correct formats etc), then the system should be fine. The keys, certs etc are all kept under /config/ssl/...  
&nbsp;  
&nbsp; (In fact you could even create them centrally and copy them out using ssh (scp or sftp) if you really wanted). 
&nbsp;  
&nbsp; H

hooleylist · Answer

Yeah, bash + openssl sounds like a quick combination. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Renewing 100+ SSL Certificates - Easier way?

2 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

issue with URL after certificate renewal.

Re: Management Certificate

Automating ACMEv2 Certificate Management on BIG-IP

iHealth Upgrade Advisor: Making upgrades a little easier

TCP Configuration Just Got Easier: Autobuffer Tuning