- I'm curious as to what Venafi is and what is has to do with Silverline.
- Silverline WAF
- Silverline DDoS
- Silverline SHAPE
- HTTPS encryption is more prevalent than ever, but can be difficult to scale. F5 Silverline and Venafi have teamed up to make it easy to automate the use of keys and certificates for application teams using Silverline managed solutions.
Here's the information and details surrounding Venafi + Silverline's API.
Description of Fields / Configuration:
We understand for outbound FW rule access you’ll need an IP address and we're confident you can use this IP for the foreseeable future. Any changes to this name/IP will be well communicated to all customers.
TCP port: 443 (this is all HTTPS communications and TLS1.2)
User Name: This field will not be used by the F5 Silverline Adaptable Driver
This will need to be the API Token created in the F5 Silverline Portal.
We would strongly suggest creating a unique API key for both QA and Prod environments and labeling them appropriately in the portal so you can perform correct revocation of the token if needed.
An example Token looks like: 700aa3a4c12337dec0ebdb5bc7302a4b (so you know when you’ve found the right thing)
Silverline Portal Menu: Config -> API Tokens
Private Key Password: If the private key is password encrypted, this should be included here. The driver handles this automatically.
F5 Silverline Cert/Key Name:
This field is required and is the linkage between the configured F5 Silverline Cert/Key object and the Venafi configuration for the Cert/Key to be pushed correctly to Silverline.
This field is checked against a Regular Expression for validation during processing; the driver will kick an error back to TPP if it doesn’t meet the naming convention: [a-z0-9A-Z_-]
Silverline Portal Configuration (please note, this object and related Cert/Key were created by the Venafi Driver simulator and are not installed in the customer's environment; example only):