Creating an Identity Certificate

Question

Hello all&nbsp;
We have a bunch of brand new BIG-IP units: 2 x LTMs &amp; 1 x GTM per DC. The LTMs have currently been clustered together using their self-signed certs. &nbsp;
We wish to integrate our devices into the PKI infrastructure we have, this is where my knowledge falls short. We wish to ensure that each device has its own identity certificate, which can then be used for HTTPS/SSL when managing the device. &nbsp;
Silly question, but would this same identity cert also be used when we integrate the LTMs and GTMs (iQuery)? If so, do I need to do anything specifically to instruct the devices to use their ID certs? Also, by adding an ID cert per device, will this break the trust relationship that already exists between the two LTMs?&nbsp;
Many thanks&nbsp;

nitass · Answer

have you seen this? is it helpful?&nbsp;
sol15664: Overview of BIG-IP device certificates (11.x) &nbsp;
https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15664.html&nbsp;

devlin_t_149357 · Answer

Thank yo nitass&nbsp;
I did check that out. My question still stands (I believe) on whether adding the new ID certs will break the existing clustering trust between the LTMs.&nbsp;
Thank you&nbsp;

Forum Discussion

Creating an Identity Certificate

2 Replies

Recent Discussions

Rewrite uri translation not working

no available managed rule groups for Israel il-central-1

About shun list for L7 DDoS?

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

ASM instance creation

Related Content

Building an OpenSSL Certificate Authority - Creating Your Root Certificate

Building an OpenSSL Certificate Authority - Creating ECC Certificates

Building an OpenSSL Certificate Authority - Creating Your Intermediary Certificate

Creating, Importing and Assigning a CA Certificate Bundle

Create Your Own Certificate Authority