HOW TO: Create a Certificate Bundle for an F5 BIG-IP Local Traffic Manager (LTM)

So when I set out to load certificates into my BIG-IP LTM to configure trusted chains it took me a moment to figure out how to create a certificate bundle. A certificate bundle can be attached to an SSL profile and used to advertise acepted certificates in an SSL handshake with a client machine. Basically this is the full chain of all supported certificate paths that your BIG-IP device accepts. First off, a certificate bundle is a much lower tech thing that you might be thinking. It's nothing more than a series of base64 encoded certificates listed in a text file. Steps to create and import a certificate bundle are simple.

Steps:
1) Create a text file. 
2) Copy the base64 encoded certificate for all certificates that you wish to be incuded in your bundle into the text file one listed after another.
3) On your BIG-IP device navigate to System > File Management > SSL Certificate List > Import
4) Choose Import Type "Certificate"
5) Give it  a name that you'll be able to recognize
6) Either chose to upload the file and select the text file you created or choose to copy and past text in which case you'll copy the entire contents of the text file you created and paste them into the box.
7) Click Import



You should have a certificate bundle with all of the certificates for you certificate chain or chains.