BIG-IP systems use Secure Sockets Layer (SSL) authentication to verify the authenticity of the credentials of systems with which data exchange is necessary.
BIG-IP software includes a self-signed SSL certificate. If your network includes one or more certificate authority (CA) servers, you can also install SSL certificates that are signed by a third party. The BIG-IP systems exchange SSL certificates, and use a CA server to verify the authenticity of the certificates.
The big3d agent on all BIG-IP systems and the gtmd agent on BIG-IP Global Traffic Manager (GTM) systems utilize the certificates to authenticate communication between the systems.
You can configure BIG-IP systems for certificate chain SSL authentication.