Forum Discussion

emalzer's avatar
emalzer
Icon for Cirrus rankCirrus
Feb 19, 2026

F5 BIGIP & XC certbot plugin

Hi!

As I maintain the certbot-f5bigip plugin to enable the certbot as ACME client to validate and install certificates, I now published the certbot-f5xc plugin! Currently only DNS validation with the DNS01 challenge is supported, so if you use F5 XC for DNS, you can use this plugin to verify domains for your certificates and use the certificate then for other infrastructure beside XC HTTP LBs (which can do auto-cert provisioning already).

I will add an installer next, so certificates can be uploaded / installed to XC and re-used with HTTP LBs, so stay tuned!

Here are the links to the repositories on gitlab.com:

https://gitlab.com/emalzer/certbot-f5bigip

https://gitlab.com/emalzer/certbot-f5xc

https://gitlab.com/emalzer/certbot-ansible

 

15 Replies

Show More
  • lnxgeek's avatar
    lnxgeek
    Icon for MVP rankMVP
    Jun 11, 2026

    emalzer​ just one question.

     

    I can see the certificate object has the name _Letsencrypt postfix. Is that something that can be changed? 

     

    We are not using LE, so it tiggles my ocd looking at it 😄 

    • emalzer's avatar
      emalzer
      Icon for Cirrus rankCirrus
      Jun 11, 2026

      sure, you can change the suffix:

        --f5-bigip-inst-suffix F5_BIGIP_INST_SUFFIX
                        Custom Suffix for certificates, keys and chains
                        (default: Letsencrypt)

       

  • mfunk_cfc's avatar
    mfunk_cfc
    Icon for Mist rankMist
    Jun 17, 2026

    Does this also manage the management/api ssl cert as well? I've got a solution for handling the certs on the various VIPs but it does not handle the cert for the actual F5 appliance itself.