Forum Discussion

Cirrostratus

Nov 23, 2023

Is custom BIG-IP device certificates renewal via cli or ansible-modules possible?

Hello fellow F5ers, this article (https://my.f5.com/manage/s/article/K47052252) explanes how to manually reset the Device Trust Certificates on BIG-IP system using the web configuration utility. I ...

application delivery

devops

whisperer

MVP

Nov 25, 2023

You can use the TMSH command to run a bash command. In this case, openssl to generate the device self certificate (K9114 article). May be best however to create a file to feed into openssl with your required inputs such as CN, locality, etc and run the openssl command against this. Ansible supports running TMSH commands and running commands on the linux command line. I use that for setting master keys across devices 🙂

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Is custom BIG-IP device certificates renewal via cli or ansible-modules possible?

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Problem with sending BotDefense logs to remote server

ASM/AWAF declarative policy

Managing iRules configuration

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

Related Content

Ansible module to update BIG-IP root/admin passwords

Ansible - Running bash commands with bigip_command module - How it's done

Existing Ansible BIG-IP modules

Logging/Blocking possible prompt injection

Automating Certificate Management on F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS