Bryan_Vance_171
Apr 11, 2016

Wildcard Certificates

We are looking at using a wildcard certificate going forward. I see where I can import the certs in BIG-IP and that it will accept a PKCS 12 IIS cert and convert it to PEM for me. My question is: when I export the cert from IIS, I am also supposed to export the private key. When importing to the F5, are the cert and key two separate imports, or will it get the private key when I import the PKCS cert? I noticed in the import options there is an option just for a key. The only documentation I have found so far on wildcard certs is SOL6823.

Thanks,

  • Hi,

    Importing a PKCS 12 (IIS) file

    Note: The BIG-IP system automatically converts PKCS 12 certificates to PEM format when the files are imported.

    Impact of procedure: Performing the following procedures should not have a negative impact on your system.

     1. Log in to the Configuration utility.
     2. Navigate to System > File Management > SSL Certificates List.
     3. Click Import.
     4. From the Import Type list, select PKCS 12 (IIS).
     5. In the Certificate Name section, type a name for the certificate.
     6. In the Certificate Source section, click Choose File.
     7. Click Import.

    For additional information about managing certificates, see SOL14620.

  • Josiah_39459
    Historic F5 Account

    If you import a bundle cert/key, I'm pretty sure you will get both.

    Is there any reason not to just try and see? It's completely non-disruptive and you will quickly know the answer.


    • Bryan_Vance_171
      That's a good point. They wanted me to make sure of the process before purchasing a cert. Thanks for the reply.
    • Josiah_39459
      Historic F5 Account
      The worst-case scenario is that you use openssl to convert to separate cert and key files and then import both separately. There is no way any cert/key you 'buy' (in any available popular format) will take more than 2 minutes to import into the BIG-IP. openssl is installed on the BIG-IP if you don't have your own installation somewhere, and you can convert anything to anything easily.
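
The openssl fallback mentioned in the last reply, as an added example that is not part of the original thread: it splits a PKCS 12 bundle into separate PEM certificate and key files and checks that the two actually pair before anything is imported. The function names, file names, password and the `*.example.test` subject are assumptions made for illustration, and the bundle is a constructed self-signed stand-in for an IIS export.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): split a PKCS 12 bundle into PEM files
# and confirm the extracted certificate and private key are a matching pair.
set -eu

# Print the SHA-256 of the public key inside a certificate; fail if unreadable.
cert_pubkey_fp() {
  cpub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
  printf '%s\n' "$cpub" | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Print the SHA-256 of the public key derived from a private key.
key_pubkey_fp() {
  kpub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  printf '%s\n' "$kpub" | openssl dgst -sha256 -r | cut -d' ' -f1
}

# split_p12 <bundle.p12> <cert_out.pem> <key_out.pem>
# Reads the bundle password from $P12_PASS so it never appears in argv.
# Returns 0 only if both parts extract and the key matches the certificate.
split_p12() {
  openssl pkcs12 -in "$1" -passin env:P12_PASS -clcerts -nokeys -out "$2" 2>/dev/null || return 1
  # The key is written unencrypted (-nodes), so create it owner-readable only.
  ( umask 077; openssl pkcs12 -in "$1" -passin env:P12_PASS -nocerts -nodes -out "$3" 2>/dev/null ) || return 1
  c_fp=$(cert_pubkey_fp "$2") && k_fp=$(key_pubkey_fp "$3") && [ "$c_fp" = "$k_fp" ]
}

# Build a constructed self-signed wildcard bundle standing in for an IIS export.
make_sample_p12() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=*.example.test" \
    -keyout "$1/src.key" -out "$1/src.crt" 2>/dev/null
  openssl pkcs12 -export -in "$1/src.crt" -inkey "$1/src.key" \
    -passout env:P12_PASS -out "$1/wildcard.p12"
}

WORK=$(mktemp -d)
export P12_PASS='constructed-demo-password'
make_sample_p12 "$WORK"
if split_p12 "$WORK/wildcard.p12" "$WORK/wildcard.crt" "$WORK/wildcard.key"; then
  echo "certificate and key match: $(cert_pubkey_fp "$WORK/wildcard.crt")"
else
  echo "extraction failed or key does not match certificate" >&2
fi
```

For a real export, skip `make_sample_p12`, set `P12_PASS` to the export password and point `split_p12` at the file exported from IIS. The extracted key is unencrypted, so delete it from the working directory once it has been imported.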