Welcome to Global Trust 256 bit SSL Security Site.

  現在位置 : 技術資源 > 知識庫FAQ > SSL 憑證 > Thawte > 安裝憑證 > F5 Big IP Controller 4.0

技術 / 資訊搜尋 


F5 Big IP Controller 4.0


To install your thawte SSL Web Server Certificate, follow these instructions:

a. Fetch your certificate:

1. You will receive an email when your certificate is issued.
2. Go to your Status page:
https://www.thawte.com/cgi/server/status.exe
3. Enter your Order number and password, if one was set
4. Copy and Paste your thawte Certificate to Notepad and save the file as cert.crt

b. Install your certificate:

After you obtain a valid x509 certificate from a certificate authority (CA) for the SSL Accelerator, you must copy it onto each BIG-IP Controller in the redundant configuration. You can configure the accelerator with certificates using the Configuration utility or from the command line.

To install certificates from the CA using the Configuration utility:

1. In the navigation pane, click Proxies. The Proxies screen opens.
2. On Proxies screen, click the Install SSL Certificate Request tab. The Install SSL Certificate screen opens.
3. In the Certfile Name box, type the fully qualified domain name of the server with the file extension .crt. If you generated a temporary certificate when you submitted a request to the CA, you can select the name of the certificate from the drop down list. This allows you to overwrite the temporary certificate with the certificate from the CA.
4. Paste the text of the certificate into the install SSL Certificate window. Make sure you include the BEGIN CERTIFICATE line and the END CERTIFICATE line. For an example of a certificate, see Figure 8.3.
5. Click the Write Certificate File button to install the certificate. After the certificate is installed, you can continue with the next step in creating an SSL gateway for the server.

To install certificates from the CA using the command line:

Copy the certificate into the following directory on each BIG-IP Controller in a redundant system:

/config/bigconfig/ssl.crt/

Note: The certificate you receive from the certificate authority (CA) should overwrite the temporary certificate generated by genkey or gencert.

If you used the genkey or gencert utilities to generate the request file, a copy of the corresponding key should already be in the following directory on the BIG-IP Controller:

An example of a certificate:

-----BEGIN CERTIFICATE-----
MIIB1DCCAX4CAQAwDQYJKoZIhvcNAQEEBQAwdTELMAkGA1UEBhMCVVMxCzAJBgNV
BAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMRQwEgYDVQQKEwtGNSBOZXR3b3JrczEc
MBoGA1UECxMTUHJvZHVjdCBEZXZlbG9wbWVudDETMBEGA1UEAxMKc2VydmVyLm5l
dDAeFw0wMDA0MTkxNjMxNTlaFw0wMDA1MTkxNjMxNTlaMHUxCzAJBgNVBAYTAlVT
MQswCQYDVQQIEwJXQTEQMA4GA1UEBxMHU2VhdHRsZTEUMBIGA1UEChMLRjUgTmV0
d29ya3MxHDAaBgNVBAsTE1Byb2R1Y3QgRGV2ZWxvcG1lbnQxEzARBgNVBAMTCnNl
cnZlci5uZXQwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAsfCFXq3Jt+FevxUqBZ9T
Z7nHx9uaF5x9V5xMZYgekjc+LrF/yazhmq4PCxrws3gvJmgpTsh50YJrhJgfs2bE
gwIDAQABMA0GCSqGSIb3DQEBBAUAA0EAd1q6+u/aMaM2qdo7EjWx14TYQQGomYoq
eydlzb/3FOiJAynDXnGnSt+CVvyRXtvmG7V8xJamzkyEpZd4iLacLQ==
-----END CERTIFICATE-----


After the certificate is installed, you can continue with the next step in creating an SSL gateway for the server.

To install certificates from the CA using the command line
Copy the certificate into the following directory on each BIG-IP Controller in a redundant system:

/config/bigconfig/ssl.crt/

Note: The certificate you receive from the certificate authority (CA) should overwrite the temporary certificate generated by genkey or gencert.

If you used the genkey or gencert utilities to generate the request file, a copy of the corresponding key should already be in the following directory on the BIG-IP Controller:

/config/bigconfig/ssl.key/

WARNING:In a redundant system, the keys and certificates must be in place on both controllers before you configure the SSL Accelerator. You must do this manually; the configuration synchronization utilities do not perform this function.



技術支援系統登入 忘記密碼?
帳號
密碼

 

主要問題大類
文件區 (3)
SSL 憑證 (0)
CodeSign程式碼簽章 (0)
Email憑證 (24)
隱私條款 法律聲明 安全說明連絡寰宇