Skip to content

Create a new F5 BIG-IP LTM machine

Creating a new machine is the initial step in enabling TLS Protect Cloud to connect directly to application keystores for certificate management. Once you have created machines, you can move on to provisioning certificates to those machines.

Before you begin

  • IP address or hostname of the F5 BIG-IP LTM
  • Port number (conditional): required if you're using a port different from 443.
  • Credentials: Choose between user credentials or shared credentials. - User credentials: The account you use must have admin permission. - Shared credentials: Optionally, you can use shared credentials from your credential provider (CyberArk is the only credential provider currently supported by TLS Protect Cloud). To use this option, first set up the connection to CyberArk.
  • Supported F5 versions: 13.1.x, 14.1.x, 15.1.x, and 16.1.x

  1. In the F5 BIG-IP LTM Address/Hostname field, enter the hostname or IP address of your F5.

  2. If your F5 uses a port other than 443, enter the port number in the Port field.

  3. (Optional) From the Credential Type drop-down, select either Enter Credentials or Select Credentials. Only users with the enabled "CyberArk shared credential" capability will see this option.

    Important

    Your view of credentials may be limited due to your role. System Administrators and PKI Administrators should be able to select any credential, but users with the Resource Owner role are limited to only using the credentials associated with their teams.

    Note

    • Enter Credentials - Is used to enter your admin credentials manually.
    • Select Credentials - Is used to select your shared credentials from CyberArk.
    • If you choose Enter Credentials, enter your F5 admin credentials in the Username and Password fields.
    • If choose Select Credentials. From the Credential drop-down, select your shared credentials.

  4. Enter your F5 admin credentials in the Username and Password fields.

  5. Click Test Access, then click Create. Note that Create is only enabled if the Test Access is successful.

What's next?

Now that you have one or more machines created, you can provision certificates to those machines.