请稍候...
  • 通配符证书Wildcard SSL,部署全网HTTPS必备
  • 为什么使用企业型SSL证书?
  • 增强型证书EV SSL,完美支持地址栏显示中文企业名称
  • HTTPS今天你用了吗?
  • 多域名SANS/UCC SSL证书,全面支持Exchange Server 2..
  • 选择SSL证书产品遇到问题?

f5 BIG-IP - 安装SSL证书

点击数:162014-11-25 12:20:20 来源: 中国数字证书CHINASSL

If you have not yet created a Certificate Signing Request (CSR) and ordered your certificate, see 
F5-BIG-IP SSL Certificates-CSR Creation

Install your SSL Certificate to a f5 BIG-IP Loadbalancer (version 9)

Installing the SSL Certificate

  1. Launch the F5 BIGIP web GUI.
  2. Under Local Traffic select "SSL Certificates."
  3. Click on the name you assigned to the certificate under "General Properties" while creating the CSR.
  4. Browse to the your_domain_name.crt file that you received from ChinaSSL.
  5. Click "Open" and then "Import."

    Your SSL Certificate file is now installed.

Enabling your Intermediate Certificate

  1. In the web GUI, choose "Local Traffic," then "SSL Certificates," and then "Import."
  2. Under "Import Type," choose Certificate, then "Create New."
  3. Enter "ChinaSSLCA" as your certificate name.
  4. Browse to the ChinaSSLCA.crt file that you received from ChinaSSL, click "Open," and then "Import."

    Your intermediate certificate should now be imported.

Configure your server for SSL

  1. Create or open the SSL Profile that you will be using with this certificate.
  2. Log in to the Configuration utility > Local Traffic > Profiles > Client (from the SSL menu), then select the client to configure and choose "Advanced" from the Configuration menu.
  3. Select the SSL certificate (public/private key pair) that you installed at the beginning of these instructions.
  4. Under the "Chain" section, browse to the "ChinaSSLCA" file that you imported in the previous step, then save and exit the configuration

    Your SSL Certificate has now been installed and enabled for use on your server.

f5 BIG-IP Pre Version 9.x

Inside your ChinaSSL account you can download your certificate files. You will need the Primary (your_domain_name.crt) and Intermediate (ChinaSSLCA.crt) certificate files. You will need both of these files for proper installation on you BIG-IP device. You do not need the TrustedRoot.crt file

  1. Move your Primary and Intermediate Certificates to the BIG-IP device.

    The Primary (your_domain_name.crt) and Intermediate (intermediate-ca.crt) certificate files can be moved to the BIG-IP box using FTP.

  2. Rename and move the certificate files.

    Rename your Primary certificate from your_domain_name.crt to your.domain.name.crt and copy it to the /config/bigconfig/ssl.crt/ folder.

    Copy the intermediate-ca.crt to the /config/bigconfig/ssl.crt/ folder.

  3. Restart the Proxy.

    # bigpipe proxy <IP Address>:443 disable
    # bigpipe proxy <IP Address>:443 enable

    The Certificate is now installed.

上一页1下一页