Forum Discussion

sloehandman's avatar
sloehandman
Icon for Nimbostratus rankNimbostratus
Mar 05, 2018

Cannot deploy or export SSL keys from Big IQ

We have not been able to deploy any configurations from Big IQ (V 5.3) to existing LTM (12.1.2) Virtual Servers if they are not natively created on Big IQ. However, we were hopeful that we could manage SSL certificates from Big IQ. So we created keys, CSR's and imported the associated certificates successfully on the Big IQ natively. The hope was we could deploy them to each LTM that required them. There should be no object conflict since these are net new objects being introduced to the LTM. We tried deploying as a partial with just the key to a single LTM. The Big IQ stated the evaluation and deployment was successful but this was in error as the LTM had no such object. This was not unexpected as we have not been successful with others. What was unexpected is the inability to export the private keys so we may import them on the LTM's. I have not been able to identify what directory these keys may be in or find any information on this subject. Any help useful!

 

  • nathe's avatar
    nathe
    Icon for Cirrocumulus rankCirrocumulus

    Sloehandman,

     

    Odd as you should be able to amend existing virtual servers on a managed bigip and manage/deploy certificates. See Managing SSL certificates

     

    Any errors on bigip or BIG-IQ? Are you logged in to BIG-IQ with deploy rights?

     

    N