Automate Let's Encrypt Certificates on BIG-IP

To quote the evil emperor Zurg: "We meet again, for the last time!" It's hard to believe it's been six years since my first rodeo with Let's Encrypt and BIG-IP, but (uncompromised) timestamps don't l...
Updated Mar 31, 2022
Version 2.0
application delivery
BIG-IP
irule
security
ssl
ScottE's avatar
ScottE
Icon for MVP rankMVP
Sep 13, 2023

I moved the environmental variables to configuration files so that it can process multiple certificates, both single and SAN.  Also added a "virtual_servers" file which provides the cross references required to map the certificate name(s) to the virtual host on the LB on which to apply the irule and ssl profile to.

There was also a bug I fixed and added a variable in the hook_script.py file for the parent ssl profile that Tim Riker had added.  I've created a pull request:

https://github.com/ScottECampbell/lets-encrypt-python

https://github.com/f5devcentral/lets-encrypt-python/pull/9

Hopefully I've done this all correctly.  I've been running it via cron for over a month with multiple certificates in the config files without any problems.