picture of tbs certificates
picture of tbs certificates
Our products range

Install a certificate on a F5 platform (BIG-IP , Firepass, ...)

You received your certificate by email with one or several intermediate certificates and a root certificate. Keep this email within reach.

1- Retrieve your certificate(s) on your server

Download the files indicated in the delivery email, or go to the certificate status page and click on the "View certificate" button:

  • A: your server certificate (.cer file)
  • B: the certification chain ("See the certification chain" button)

For recent Big-IP servers

For recent versions of Big-IP, you can directly import a file in PKCS12 format (.pfx) which contains your certificate, the certification chain as well as your private key.
To obtain it, you can generate a PFX file using our KeyBot tool if your certificate request (CSR) was generated directly from the order form. Otherwise you can generate a PFX file with the help of a tool like OpenSSL. See our documentation: Make a pkcs12 (.pfx or .p12) from files for OpenSSL

2- Install the certificate

Log into your F5 administration interface:
  • F5 BigIP:

    • Go to the SSL Certificate List page which is:
      • On BIG-IP 13.X : System > Certificate Management > Traffic Certificate Management > SSL Certificate List
      • On BIG-IP 12.X : System > File Management > SSL Certificate List
    • Select Import
    • In the import type, select Certificate
    • In the field Certificate Name, select Create New and choose a unique name for your certificate, or select Overwrite Existing to replace an existing certificate. From the list, choose the certificate to replace.
    • In Certificate Source, select Upload file and go find the path where your certificate is stored. Or you can choose the option Paste text for copy paste the contents of your certificate.
    • Click on Import.

  • F5 Firepass:

    • Go to Device Management: Security: Certificates page: Renew/Replace SSL Server Certificate
    • Click on Install
    • Fill in the content of your certificate and your private key in the corresponding fields
    • In the field Optionally, put your intermediate certificate chain here (in the PEM format), enter the content of your intermediate certificate (s) and the root certificate.
    • Finally click on Go

4- Activation on F5 BigIP

  • Create a SSL Profile
  • select the certificate and its intermediate
    1. Open SSL Profile
    2. In Configuration, select Advanced
    3. Select the concerned certificate
    4. Select the corresponding private key
    5. In Trusted Certificate Authorities, select the chain file
    6. Save and quit

External links