Sectigo ACME F5 BIG-IP integration overview

The Sectigo ACME F5 BIG-IP Certificate Management Agent (hereafter referred to as agent) is an automation layer developed around open-source Certbot BIG-IP plugin. The default plugin comes with only certificate enrollment capabilities. In addition, Sectigo adds another layer of features on the default plugin to automate the complete SSL certificate management for the HTTP virtual servers of the F5 appliance.

The certificate lifecycle management is handled by the agent that invokes the Certbot plugin to communicate with the Sectigo ACME server to request, renew, or revoke SSL/TLS certificates, install them on the F5 appliances, and enable SSL features on the virtual servers.

Audience

This document is intended for IT administrators and Network Administrators who manage F5 appliances for an organization.

Scope

This document contains instructions for enrolling and managing Sectigo certificates on F5 appliances. Configuration of F5 appliances is out of the scope of this document and the test environment used to test the tool is briefly described in Prerequisites.