With the F5-BIG-IP-KMS-Plugin, you can use F5 BIG-IP certificate management services as a key management server. When selecting this plugin, configure the settings described in the following table.
Setting | Value |
|---|---|
Host | The URL of the F5 BIG-IP server host. For example https://f5.entrust.com |
Port | The port for accessing the F5 BIG-IP service. The default F5 BIG-IP port is 443. |
Partition/Path | The name of the partition in the F5 BIG-IP server. The user must have access to this partition. |
Username | The username for authenticating in the F5 BIG-IP server. The selected user must have an Administrator role for the given partition in the F5 BIG-IP server. |
Password | The password for authenticating in the F5 BIG-IP server. |
Host CA Bundle | The certification chain of the F5 BIG-IP server, as a bundle in PEM format. |
Key Type | The type of keys managed by the F5 BIG-IP server: RSA, EC, DSA. |
Key Length | The bit length of the generated keys, when Key Type is RSA or DSA. |
Curve Name | The name of the elliptic curve, when Key Type is EC. |
Security Type | The type of security for generating the keys: FIPS Enabled Key, Normal Key. |
Enable hostname verification | Mark this checkbox for validating the F5 BIG-IP server certificate in each connection. |
