What you're trying to do is exactly what the chain of trust that SSL uses to verify a website was designed to prevent.
I'm simplifying slightly, but when a certificate is issued for a website, it is signed by a trusted authority. That authority is deemed to be trusted because their root certificates are implicitly trusted by the browser. Geotrust, Digitrust, etc all have certificates that are pre-installed on every current operating system. In other words, when the website's certificate says it is valid for *.f5.com, that statement is signed by a chain of certifcates that end in one that the browser implicitly trusts.
Having said that, if you control the clients and have installed your certificate on them and told them to trust it as root CA, then you can set up a scenario where the BigIP is able to substitute the real website's certificate with one that it generated and signed on the fly, and the client will trust it because it trusts the signer.
We have a document which explains in more detail how it works, and how to configure it
If you're interested, please take a look at our SSL intercept deployment guide
Note that if you were to deploy this without the trusted root certificate on the client, then any browser being directed through the service would alert the user that every https:// site's certificate could not be validated.