Applies To:

Show Versions Show Versions

Manual Chapter: Managing Device Certificates
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

14 
When you use BIG-IP® Local Traffic Manager to manage your SSL traffic, you can have a large number of SSL and web certificates on many different Local Traffic Manager devices your network. Traffic certificates are server certificates that a managed device uses in its traffic management tasks. System certificates are the web certificates that allow client systems to log into the BIG-IP system Configuration utility.
Enterprise Manager provides you a overview of all the certificates on each managed device in your network. Using this overview can save you time over monitoring certificate expiration dates on individual Local Traffic Manager devices.
You view traffic certificates and system certificates on their respective Certificate list screens to get a quick overview of vital certificate information such as:
1.
On the Main tab, expand Enterprise Management and click Certificates.
The Traffic Certificates list screen opens (default).
2.
On the menu bar, click System Certificates to view the system certificate list.
To view additional details about a particular certificate, click the name of a certificate to open the Certificate Properties screen.
The status flags on the certificates screens provide you with a quick overview of the certificate status. Table 14.1 defines the status flags provided on the certificates page.
This certificate has expired. When client systems require this certificate for authentication, the client receives an expired certificate warning.
This certificate will expire in 30 days or less. The certificate is still valid, but you should take action to prevent certificate expiration.
You can sort the certificate by clicking the respective column headings, or you can filter the list to display only certificates with a particular status flag.
1.
In the Status column, click the down arrow.
A menu appears indicating the status flags.
2.
From the menu, choose a status flag.
The table changes to display only certificates that match the status flag you selected.
Certificate monitoring is enabled by default for all managed devices. When you monitor a device group, you automatically monitor all of the certificates on all of the devices that are members of that device group.
If you no longer want to monitor certain certificates on a device or device group, you can disable a device or device groups participation. When you disable certificate monitoring for a device, that certificate no longer displays on the certificate list, and certificate expiration alerts are cancelled.
1.
On the Main tab, expand Enterprise Management and click Certificates.
The Traffic Certificates list screen opens.
2.
On the menu bar, click Options.
The Certificate Options screen opens.
3.
For the Devices or Device Groups setting, in the Enabled list, click the name of a device or device group.
4.
Click the Move (>>) button.
The selected device or device group moves to the Disabled list.
5.
Click Save Changes.
Enterprise Manager no longer monitors certificates defined on the devices and device groups that you moved to the Disabled list.
1.
On the Main tab, expand Enterprise Management and click Certificates.
The Traffic Certificates list screen opens.
2.
On the menu bar, click Options.
The Certificate Options screen opens.
3.
For the Devices or Device Groups settings, in the Disabled list, click the name of a device or device group.
4.
Click the Move (<<) button.
The selected device or device group moves to the Enabled list.
5.
Click Save Changes.
Enterprise Manager now monitors certificates defined on the devices and device groups that you moved to the Enabled list.
When managing device certificates, you may want a simple, single-file copy of all the certificate information about all certificates that are stored on all managed devices in the network. You can use Enterprise Manager to export a list of all certificates (including all pertinent values for each certificate) to a comma-separated values (CSV) file format.
1.
On the Main tab, expand Enterprise Management, and click Certificates.
The Traffic Certificates list screen opens.
2.
On the menu bar, click Export.
The Certificates Export screen opens.
3.
In the File Name box, click the certificate_export.csv link.
A browser-based dialog box opens so that you can rename or save the file on your local system.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)