Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2017-04-06 09:43:38.0

How is the Server Certificate installed on F5 BIG IP?

Article Number: 46355

User-added image
Purpose: SSL/TLS certificate installation guide
For F5 BIG IP 11.3.0
User-added image

Need Certificate Signing Request (CSR) help? Please see our technote on how to generate a CSR in F5 BIG IP here.

The installation is in three parts:
1) Downloading the certificate
2) Importing Chain and Intermediate certificates
3) Installing the Server Certificate

Step 1 of 3: Downloading the certificate

Click the Download button in the pickup wizard to download your certificate files. Clicking the download button will produce a zip file that contains the following files:
•   ServerCertificate.crt: Your signed SSL/TLS certificate
•   ChainBundle1.crt: The Entrust Certificate chain bundled in a single file

Step 2 of 3: Importing Chain and Intermediate certificates

1. Launch the F5 BIG-IP web GUI.
User-added image

2. On the Main tab, expand System.
User-added image

3. Click SSL Certificate to display the list of existing certificates.
User-added image
User-added image

4. In the upper right corner, click the Import button.
User-added image

5. From the Import Type drop down, select Certificate.
User-added image

6. In the Certificate Name field, enter EntrustChain. In the Certificate Source box, browse to the location of the ChainBundle1.crt file.
User-added image

7. Click Import. The new certificate should appear in the list as EntrustChain.
User-added image
 
Step 3 of 3: Installing the Server Certificate

1. Go back to SSL Certificate List to display the list of existing certificates.
User-added image

2. Click the name you assigned to the key file when you created your Certificate Signing Request.In this example the name for the key file is Mykey.
User-added image

3. Click Import.
User-added image

4. In the Certificate Source box, browse to the location of theServerCertificate.crt file that you downloaded in step 1. Click Import.
User-added image

5. The Server Certificate and Key should now appear in the list.
User-added image
User-added image

6. On the Main tab of the F5 BIG-IP interface, expand Local Traffic and click on Profiles.
User-added image

7. In the top menu bar, click on SSL > Client.
User-added image

8. Create a new SSL Profile by clicking Create or open an existing SSL profile that has already been setup.
User-added image

9. From the Configuration drop down, select Advanced.

10. In the Configuration section, check the Custom box
User-added image

11. Under Certificate, select your Server Certificate. It will appear with the same friendly name as private key.

12. Under Key, select the name of the Key from the drop down. This key was generated when you generated your Certificate Signing Request before your requested your certificate.
User-added image

13. Under Chain, select EntrustChain that was imported in section A above from the drop down.
User-added image
 
User-added imageYour SSL/TLS certificate should now be installed.

Check that your Certificate has been successfully installed by testing it on the Entrust SSL Install Checker.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance: 

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET 
North America (toll free): 1-866-267-9297 
Outside North America: 1-613-270-2680 (or see the list below) 
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.
 

CountryNumber
Australia0011 - 800-3687-7863
1-800-767-513
Austria00 - 800-3687-7863
Belgium00 - 800-3687-7863
Denmark00 - 800-3687-7863
Finland990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
France00 - 800-3687-7863
Germany00 - 800-3687-7863
Hong Kong001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
Ireland00 - 800-3687-7863
Israel014 - 800-3687-7863
Italy00 - 800-3687-7863
Japan001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
Malaysia00 - 800-3687-7863
Netherlands00 - 800-3687-7863
New Zealand00 - 800-3687-7863
0800-4413101
Norway00 - 800-3687-7863
Singapore001 - 800-3687-7863
Spain00 - 800-3687-7863
Sweden00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
Switzerland00 - 800-3687-7863
Taiwan00 - 800-3687-7863
United Kingdom00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088

      
 
 

TN8270

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable