End of Sale Notice:

F5 NGINX is announcing the End of Sale (EoS) for NGINX Controller API Management Module, effective January 1, 2024.

F5 maintains generous lifecycle policies that allow customers to continue support and receive product updates. Existing NGINX Controller API- Management customers can continue to use the product past the EoS date. License renewals are not available after September 30, 2024.

See our End of Sale announcement for more details.
End of Sale Notice:

F5 NGINX is announcing the End of Sale (EoS) for NGINX Controller Application Delivery Module, effective January 1, 2024.

F5 maintains generous lifecycle policies that allow customers to continue support and receive product updates. Existing NGINX Controller Application Delivery customers can continue to use the product past the EoS date. License renewals are not available after September 30, 2024.

See our End of Sale announcement for more details.

Manage Certs

Create, apply, and mange Certs to use with your environments.

Overview

Follow the steps in this topic to create and use Certs with an Environment.

Tip:
If you prefer, you can use the NGINX Controller API to create and manage certificates. Refer to the NGINX Controller API reference guide (Services > Certs API) for details.

Before You Begin

Objectives

  • Create a Cert
  • View, Edit, and Delete Certs

About Certificates

Certificates can either be created by using the API or from references to file system paths on the NGINX instance.

Certificates created via the API – and their associated Certificate chains and private keys – can be defined in either PKCS12 (binary) or PEM (ASCII) formats. Once created via the API, these certs are stored in PEM format in an internal secret store. References to Certificates stored in the secret store can be associated with the ingress defined in a gateway or component. This means that the referenced Certificate and key are available to the NGINX instances referenced in the placements associated with gateways and, ultimately, used for decryption/encryption of requests/responses by these NGINX instances.

Certificates that reference file system paths on the NGINX instance let you use private key and certificate data stored directly on the file system of the NGINX instance.

Create a Cert

To create a Cert:

  1. Open the NGINX Controller user interface and log in.
  2. Select the NGINX Controller menu icon, then select Services.
  3. On the Services menu, select Certs.
  4. On the Certs menu, select Create Cert.
  5. On the Create Cert page, complete the fields to define your Cert.
  6. Select Submit.

View, Edit, and Delete Certs

To view, edit, and delete Certs:

  1. Open the NGINX Controller user interface and log in.
  2. Select the NGINX Controller menu icon, then select Services.
  3. On the Services menu, select Certs.
  4. On the Certs menu, select Overview. The Certs Overview page is displayed and shows a list of your certs.
  5. To view the details for a Cert, select the name of the Cert from the list provided. This opens the Cert Overview in a side panel. There, you can see any linked objects, such as Components and Gateways, that are using the Cert. You can also view details about any other certificates in the chain.
  6. To edit the Cert, select Edit Config on the Quick Actions menu.
  7. To delete the Cert, select Delete Config on the Quick Actions menu.

What’s Next