Forum Discussion

Cirrostratus

Nov 23, 2023

Is custom BIG-IP device certificates renewal via cli or ansible-modules possible?

Hello fellow F5ers, this article (https://my.f5.com/manage/s/article/K47052252) explanes how to manually reset the Device Trust Certificates on BIG-IP system using the web configuration utility. I ...

application delivery

devops

whisperer

MVP

Nov 25, 2023

You can use the TMSH command to run a bash command. In this case, openssl to generate the device self certificate (K9114 article). May be best however to create a file to feed into openssl with your required inputs such as CN, locality, etc and run the openssl command against this. Ansible supports running TMSH commands and running commands on the linux command line. I use that for setting master keys across devices 🙂

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Is custom BIG-IP device certificates renewal via cli or ansible-modules possible?

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Ansible module to update BIG-IP root/admin passwords

Ansible - Running bash commands with bigip_command module - How it's done

Existing Ansible BIG-IP modules

Automating Certificate Management on F5 BIG-IP

Checksums for F5 Ansible modules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS