Automate Let's Encrypt Certificates on BIG-IP
Updated Mar 31, 2022
Version 2.0Was this article helpful?
Hi kgaigl...yes, you can do that. Because this script updates the certs/keys in a transaction, it will not complain that they are attached to an existing ssl-profile.
Creating/updating ssl-profiles can also be automated, but I would probably segment that logic out into a different script (and even this script might need some massaging for your needs), maybe one that manages the needs for which domains are secured, and then calls the lets-encrypt action to create/upload certs, makes sure they are there, then acts on adding/updating/removing the appropriate key/value pairs in the profile as necessary.