sys crypto cert-order-managerΒΆ

sys crypto cert-order-manager(1)			BIG-IP TMSH Manual			  sys crypto cert-order-manager(1)

       cert-order-manager - Certificate order manager on the BIG-IP(r) system.

       sys crypto

       A cert-order-manager Manages the collection of Certificate Authority (CA) requirements for making certificate orders using
       the syntax given in the following sections.

	 create cert-order-manager [name]
	 modify cert-order-manager [name]
	     app-service [[string] | none]
	     additional-headers [[string] | none]
	     authority [comodo | digicert | godaddy | symantec]
	     auto-renew [yes | no]
	     base-url [URL | none]
	     ca-cert [certificate file object]
	     client-cert [certificate file object | none]
	     client-key [certificate key file object | none]
	     client-key-passphrase [[string] | none]
	     internal-proxy [internal proxy object]
	     login-name [[string] | none]
	     login-password [[string] | none]
	     order-info [string]
	     validity-days [days | none]

	 list cert-order-manager [name]

	 delete cert-order-manager [name]

       cert-order-manager A component holds the Certificate Authority's (CA) specific requirements for making certificate orders.
       The user needs to select a CA from the supported list, configure the necessary authentication information, and order the
       information specific to the selected CA.

       create sys crypto cert-order-manager certmgr authority comodo login-name login-password default ca-
       cert ca-bundle.crt internal-proxy iproxy-caapi additional-headers "customerUri:myorg-auto-poc" order-info "{ orgId 5678
       serverType -1 certType 136 }"

       Creates a certificate order manager certmgr for certificate authority comodo. For CA account login authentication username and password default is used. ca-bundle.crt is used for authenticating a TLS connection to a CA server
       and validating the certificate issued by the CA. customerUri:myorg-auto-poc provides customer Uri issued by comodo for the
       certificate requesting organization. In order info { orgId 5678 serverType -1 certType 136 }  organization identity orgId
       5678 is provided by comodo, and certType 136 is the certificate product type offered by comodo for the organization.

       list sys crypto cert-order-manager certmgr

       Shows all the properties of the cert-order-manager certmgr.

       delete sys crypto cert-order-manager certmgr

       Deletes the cert-order-manager certmgr from the system.

	    Specifies additional headers required for the certificate authority with expected format "key:value,...". For example:
	    (comodo) "customerUri:mycomp-auto-poc"

	    Specifies a certificate authority.

	    Enable/Disable the certificate automatic renewals. By default, the automatic certificate renewal is enabled.

	    Specifies the base-url for reaching the CA. This is an optional field which gets populated with default values for a
	    specific certificate authority.

	    Specifies the CA certificate to be used for authenticating the TLS connection with the CA server. ca-cert is also used
	    for validating an issued certificate from CA before accepting into the system.

	    Specifies the client authentication certificate used for accessing the CA account. This is a required field for
	    certain CA accounts.

	    Specifies the client authentication key used for accessing the CA account. This is a required field for certain CA

	    Specifies the optional key passpharse required for decrypting the client-key.

	    Provides an editor for creating and modifying the order-info configuration. This should be the last property since
	    selecting save and exit from the editor automatically submits the configuration.

	    Specifies the internal proxy object that should be used for reaching the CA server.

	    Specifies the login name for accessing the CA account. This is a required field for certain CA accounts.

	    Specifies the login password for accessing the CA account. This is a required field for certain CA accounts.

	    Specifies a string containing necessary information for making certificate orders with CA. Format and fields of order-
	    info varies with the CA.

	    Specifies certificate validity in days. The default value is 365 days.

       create, list, modify, delete, tmsh

       No part of this program may be reproduced or transmitted in any form or by any means, electronic or mechanical, including
       photocopying, recording, or information storage and retrieval systems, for any purpose other than the purchaser's personal
       use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 2018. All rights reserved.

BIG-IP							    2018-12-06				  sys crypto cert-order-manager(1)