SSL Certification (thawte) installation

In which format, PEM, PFX etc.. do you have ssl certificate ? Do you want to use certificate in a Virtual Server ?

yes ..use for Virtual Server

I have thawte SSL certificate exported from web server

Thank you.

Steps: A.Generate CSR B.Send CSR file to 3rd pary vendor and they will give the certificates(including intermediate) C.Import the provided certs to F5 device D.Configure new SSL certs under Client profile E.Apply client profile to virtual server

Generate CSR: Login to F5 active device Go to System ›› File Management : SSL Certificate List Click create button and update the details as mentioned below Note: In common name you need to mention FQDN name. If it is not a wildcard certificate then you need to mention as FQDN name. If it is wild card mention * before FQDN. Always select key size as 2048.

B. Download the CSR file and send to vendor

C. Vendor will provide following certificates.

. Website certificate --This one you need to import . AddTrustExternalCARoot . UserTrustSAAddtrustCA . Trusted Secure Certificate Authority

D. Now import the certs as mentioned below. System ›› File Management : SSL Certificate List ›› Import

E.Key import details are mentioned below. System ›› File Management : SSL Certificate List ›› Import

Both Cert and key should be same name

Once cert, key and intermediate certs are imported we need to create SSL client profile

F.Configure new SSL certs under Client profile

Create a new profile as mentioned below Go to Local Traffic ›› Profiles : SSL : Client In Certificate, key and chain select the files which you created Then click Add Once certificate key chain is update, click finished

Most of the times you need to update intermedaite certificate. Then you need to bundle certificates other than website certificate and import and call in SSL client profile chain section.

Please let me know any more information is required

Generate CSR: Login to F5 active device Go to System ›› File Management : SSL Certificate List Click create button and update the details as mentioned below Note: In common name you need to mention FQDN name. If it is not a wildcard certificate then you need to mention as FQDN name. If it is wild card mention * before FQDN. Always select key size as 2048.

B. Download the CSR file and send to vendor

C. Vendor will provide following certificates.

. Website certificate --This one you need to import . AddTrustExternalCARoot . UserTrustSAAddtrustCA . Trusted Secure Certificate Authority

D. Now import the certs as mentioned below. System ›› File Management : SSL Certificate List ›› Import

E.Key import details are mentioned below. System ›› File Management : SSL Certificate List ›› Import

Both Cert and key should be same name

Once cert, key and intermediate certs are imported we need to create SSL client profile

F.Configure new SSL certs under Client profile

Create a new profile as mentioned below Go to Local Traffic ›› Profiles : SSL : Client In Certificate, key and chain select the files which you created Then click Add Once certificate key chain is update, click finished

Most of the times you need to update intermedaite certificate. Then you need to bundle certificates other than website certificate and import and call in SSL client profile chain section.

Please let me know any more information is required

If you already have a public and private key from the web server, you do not need to generate a CSR (providing the supplied certificate meets all your requirements)

If you already have crt file then CSR generation is not required.