Applies To:

Show Versions Show Versions

Manual Chapter: External File Management
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

External File Management

Introduction to external file management

You can import certain external files for use by iRules®, or you can import or create SSL certificates. The external files that iRules can use are data group files and iFiles. Using the BIG-IP® Configuration utility, you can manage these external files or SSL certificates from a central location.

Data group files

Using the BIG-IP® Configuration utility, you can import an existing file that contains content that you want to reference in an iRule. You import this file from another system to the BIG-IP system.

When you import an existing file to the BIG-IP system, you create an external data group, specifying this information:

  • The location of the external file that you want to import to the BIG-IP system.
  • A unique name for the imported file.
  • The data group type (address, string, or integer).
  • The separator for each key/value pair specified in the data group (the default value is :=).
  • A unique name for the data group.

About iFiles

Using the BIG-IP® Configuration utility, you can import an existing file or URL from another system to the BIG-IP system, with content that you want an iRule to return to a client based on some iRule event.

To use this feature, you first import an existing file or URL to the BIG-IP system and then assign a new name to the file. To import a file with the BIG-IP Configuration utility and assign it a new name, you use the System area of the navigation pane.

External monitor program files

Using the BIG-IP® Configuration utility, you can import an existing external program monitor file to the BIG-IP system, with content that an external monitor can reference.

To use this feature, you first import an existing file from another system to the BIG-IP system and then assign a new name to the file. To import a file and assign it a new name, log in to the BIG-IP Configuration utility, and on the Main tab, expand System, and click File Management.

After importing the file, you use the Local Traffic area of the BIG-IP Configuration utility to create a new external monitor program based on the imported file.

SSL certificate files

Using the BIG-IP® Configuration utility, you can import an existing certificate file from another system to the BIG-IP system, or you can create a new SSL certificate. To import or create an SSL certificate, log in to the BIG-IP Configuration utility, and on the Main tab, expand System, and click File Management.

An imported certificate file has these attributes:

  • Contents
  • Common Name
  • Organization
  • Expiration date
  • Partition / Path

Using the BIG-IP Configuration utility, you can view, import, renew, or export a device certificate.

You can also import or export a device key. The properties of a device key are:

  • Key type (such as KTYPE_RSA_PRIVATE)
  • Key size (such as 1024 bits)
  • Security type, either Normal or FIPS (FIPS-enabled systems only)

There are several types of files that you can import using the File Management screens of the BIG-IP Configuration utility. These file types are:

  • Key files
  • Certificate files
  • PKCS 12 (IIS) files
  • Archive files
  • Certificate Revocation List (CRL) files
Note: Do not attempt to manage certificates by copying SSL certificate files into the /config/ssl/* directory and then reloading the system configuration. Certificate-related files are not stored in that location. Therefore, you must use the BIG-IP Configuration utility or tmsh to manage certificate files, key files, and CRL files.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.

Additional Comments (optional)