Managed PKI for SSL Support - Installation Instructions for F5 BIG-IP - VeriSign UK Ltd.
VeriSign, Inc.® United Kingdom Home | Worldwide Sites | Site Map
Products & Services Solutions Support About VeriSign Existing Customers
You Are Here: United Kingdom Home > Support > Managed PKI for SSL Support > Installation Instructions for F5 BIG-IP

Managed PKI for SSL Support
MPKI for SSL Information
Generate a CSR
Certificate Enrolment
Install a Certificate

Installation Instructions for F5 BIG-IP

This document provides instructions for installing SSL Certificates. If you are unable to use these instructions for your server, VeriSign recommends that you contact your software vendor or an organisation that supports F5 BIG-IP.

Premium and Intranet Edition SSL Certificates

If you are installing a Managed PKI for SSL Premium Edition or a Managed PKI for SSL Intranet Certificate, you need to first install the intermediate CA (‘intermediate.crt’) provided by your administrator.

  1. Copy the entire text of the Intermediate CA Certificate, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines.
  2. Paste into a file named intermediate-ca.crt using Vi or Notepad. Do not use Microsoft Word or other word processing programs that may add characters.  Do not to include any leading or trailing white space before the beginning and ending hyphens.
  3. Place the intermediate-ca.crt file in the directory: /config/bigconfig/ssl.crt
  4. The full path to the file is: /config/bigconfig/ssl.crt/intermediate-ca.crt
  5. In a redundant system, the keys and certificates must be in place on both controllers before you configure the SSL Accelerator. Do this manually; the configuration synchronisation utilities do not perform this function.

Managed PKI for SSL Administrators: how to find your Intermediate CA.

Install the SSL Certificate

When your Managed PKI for SSL Administrator has approved your request you will receive an email from VeriSign that contains your certificate. If the certificate is an attachment (Cert.cer), you can use the file. If the certificate is in the body of the email, copy and paste it into a text file (such as OriginalCert.txt) using Vi or Notepad. Do not use Microsoft Word or other word processing programs that may add characters. Confirm that there are no extra lines or spaces in the file.

  1. In the navigation pane, click on Proxies.
  2. On Proxies screen, click on the Install SSL Certificate Request tab. The Install SSL Certificate screen opens.
  3. In the Certfile Name box, enter the fully qualified domain name of the server with the file extension .crt. If you generated a temporary certificate when you submitted a request to VeriSign, you can select the name of the certificate from the drop-down list. This allows you to overwrite the temporary certificate with the certificate from VeriSign.
  4. Paste the text of the certificate into the install SSL Certificate window. Make sure you include the BEGIN CERTIFICATE line and the END CERTIFICATE line.
  5. Click on Write Certificate File to install the certificate. After the certificate is installed, continue with the next step in creating an SSL gateway for the server.

Support

For more information, go to the F5 Support Center.
Contact Us
Contact Support >>
Contact VeriSign Legal Notices Privacy Repository © 2003 - 2008 VeriSign UK Limited. All rights reserved.
9/29/08 9:58 PM