Certificate Signing Request (CSR) Generation Instructions for F5 BIG-IP Load balancer version 9.x and 10.x

Solution ID:    SO13386    Updated:    08/11/2017


This document provides CSR generation instructions using F5 BIG IP 9.x or 10.x GUI. If you are not able to perform the steps on your server, Symantec recommends to contact the server vendor or the organization, which supports F5.

NOTE: To generate a CSR, you will need to create a key pair for your server. These two items are a digital certificate key pair and cannot be separated. If you lose your public/private key file or your password and generate a new one, your SSL Certificate will no longer match.

To generate a CSR, perform the following steps:

  1. Launch the F5 BIG IP Web GUI.
  2. Under Local Traffic click SSL Certificates.

  3. Click Create.
  4. Under General Properties give the certificate a name (this name will be used in the future to identify this certificate).
  5. Under Certificate Properties enter the following information:
    • Issuer: Certificate Authority Symantec.
    • Common name: FQDN (fully-qualified domain name) of the server (e.g., www.symantec.com, mail.symantec.com, or for wildcard certificate *.symantec.com).
    • Division: A department name, such as 'Information Technology'.
    • Organization: The full legal name of the organization.
    • Locality, State or Province, Country: City, state, and country where the organization is located. Do not abbreviate.
    • E-mail Address: Your email.
    • Challenge Password, Confirm Password: Enter a password.
  6. Under Key Properties a key size of at least 2048 must be selected.
  7. Click Finished.
  8. Provided will be the text of a Certificate Signing Request file. 
  9. Verify your CSR
  10. Copy and paste the entire body of that file into the enrollment page when prompted.

 Once the certificate has been issued, follow the steps from this link to install it on the server: INFO165



RapidSSL has made efforts to ensure the accuracy and completeness of the information in this document. However, RapidSSL makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein. RapidSSL assumes no liability to any party for any loss or damage (whether direct or indirect) caused by any errors, omissions, or statements of any kind contained in this document.  Further, RapidSSL assumes no liability arising from the application or use of the product or service described herein and specifically disclaims any representation that the products or services described herein do not infringe upon any existing or future intellectual property rights. Nothing herein grants the reader any license to make, use, or sell equipment or products constructed in accordance with this document. Finally, all rights and privileges related to any intellectual property right described herein are vested in the patent, trademark, or service mark owner, and no other person may exercise such rights without express permission, authority, or license secured from the patent, trademark, or service mark owner. RapidSSL reserves the right to make changes to any information herein without further notice.

Contact Support

US Support:

Order Processing

Technical Support

European Support:

Order Processing

Technical Support

SSL digital certificates sales live chat.

Find Answers

Search Tips