Forum Discussion

Cirrostratus

Nov 23, 2023

Is custom BIG-IP device certificates renewal via cli or ansible-modules possible?

Hello fellow F5ers, this article (https://my.f5.com/manage/s/article/K47052252) explanes how to manually reset the Device Trust Certificates on BIG-IP system using the web configuration utility. I ...

application delivery

devops

whisperer

MVP

Nov 25, 2023

You can use the TMSH command to run a bash command. In this case, openssl to generate the device self certificate (K9114 article). May be best however to create a file to feed into openssl with your required inputs such as CN, locality, etc and run the openssl command against this. Ansible supports running TMSH commands and running commands on the linux command line. I use that for setting master keys across devices 🙂

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Is custom BIG-IP device certificates renewal via cli or ansible-modules possible?

Recent Discussions

F5 - AS3 - BIGIQ / BIGIP SchemaVersion Missunderstanding

F5OS API - not able to create vlan

F5 APM - limiting access to the bandwidth for network Access

Change LB priority based on status

High CPU utilization (100%).

Related Content

Ansible module to update BIG-IP root/admin passwords

Ansible - Running bash commands with bigip_command module - How it's done

Existing Ansible BIG-IP modules

Checksums for F5 Ansible modules

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS