Automating Certificate Management on F5 BIG-IP
The Certificate Lifespan Revolution
Welcome to part one of our two-part series on certificate automation for the BIG-IP platform.
Certificate lifecycle management is undergoing a seismic shift th...
Published Jun 23, 2025
Version 1.0Noof
Employee
Joined May 15, 2019
emalzer
Altostratus
Jul 07, 2025Hi!
Very nice article! As I'm not a fan of running the ACME client on the BIG-IPs themself, I wrote a plugin ready to use for certbot: https://gitlab.com/emalzer/certbot-f5bigip
You can run certbot then on a VM or in a container and centralise the configuration for different domains and different BIG-IP clusters here in one single place. Or authenticate with one cluster and install on another cluster.
And I built another repo to maintain then this certbot commands and configurations - definitely worth taking a look: https://gitlab.com/emalzer/certbot-ansible
Feel free to use them for your automation! I will build another plugin for XC and NEXT in the near future.