F5 Introduction
This section refers to the F5 BigIP integration with Horizon, used to enroll certificates used by F5 BigIP.
This integration involves at least two infrastructure components:
-
F5 BigIP
-
F5 AS3 enabled
-
EverTrust Horizon
Horizon connects to the F5 BigIP using the AS3 declarative document API in order to manage the lifecycle of certificates within the BigIP.
Limitations
Horizon can only manage the lifecycle of certificate already on the F5 AS3. It cannot push new certificate to it.
Horizon can renew certificates that need to be renewed on the AS3 and replace the previous certificate.
Horizon can revoke certificates that are removed from the AS3 and are managed in Horizon.
Horizon cannot remove certificates from the AS3 after a revocation on Horizon.
You will need to import your F5 AS3 certificates into Horizon, it is recommended to use horizon-cli to do so.