ltm profile certificate-authority
ltm profile certificate-authorBIG-IP TMSH ltmuprofile certificate-authority(1)
NAME
certificate-authority - Defines the settings necessary to authenticate
the client certificate.
MODULE
ltm profile
SYNTAX
Configure the certificate-authority within the ltm profile module using
the syntax shown in the following sections.
CREATE/MODIFY
create certificate-authority [name]
modify certificate-authority [name]
options:
authenticate-depth
ca-file
crl-file
default-name
description
update-crl
edit certificate-authority [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list certificate-authority
list certificate-authority [ [ [name] | [glob] | [regex] ] ... ]
app-service
partition
show certificate-authority
show certificate-authority [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
field-fmt
non-default-properties
one-line
DESCRIPTION
Use the certificate-authority component to modify or display a
certificate-authority profile.
EXAMPLES
create ltm profile certificate-authority mycaprofile { ca-file ca.crt }
Creates a certificate authority profile named mycaprofile using the
system defaults.
modify ltm profile certificate-authority mycaprofile { authenticate-
depth 3 }
Modifies the authenticate-depth setting to 3 for the certificate
authority profile named mycaprofile.
OPTIONS
app-service
Displays the application service to which the object belongs. The
default value is none.
Note: If the strict-updates option is enabled on the Application
Service that owns the object, you cannot modify or delete the
object. Only the Application Service can modify or delete the
object.
authenticate-depth
Specifies the authenticate depth. This is the client certificate
chain maximum traversal depth.
ca-file
Specifies the certificate authority file name or, you can use
default for the default certificate authority file name.
Configures certificate verification by specifying a list of client
or server certificate authorities that the traffic management
system trusts.
crl-file
Specifies the certificate revocation list file name. You can use
default for the default certificate revocation file name.
defaults-from
Specifies the profile that you want to use as the parent profile.
Your new profile inherits all settings and values from the parent
profile specified.
description
User defined description.
name Specifies the profile instance name. This option is required for
the modify command.
partition
Specifies the administrative partition within which the profile
resides.
regex
Specifies the items that match the regular expression. The regular
expression must be preceded by an at sign (@[regular expression])
to indicate that the identifier is a regular expression. See help
regex for a description of regular expression syntax.
update-crl
Automatically updates the CRL file.
SEE ALSO
edit, glob, list, modify, regex, show, tmsh,
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2008-2013. All rights reserved.
BIG-IP 2013-04-ltm profile certificate-authority(1)