Configuring SSL Orchestrator objects on deployed topologies

Sometimes, you might want to configure SSL configurations, services, service chains, security policies outside of an SSL Orchestrator (SSLO) topology, so you can have one object associated with multiple topologies. In this scenario, you might want to configure SSLO objects independently and then mass deploy them to multiple configurations. Once an object is updated outside of a topology in this way, you must redeploy all topologies to implement desired changes on the managed BIG-IP devices.

To independently deploy an SSL configuration to an existing SSLO configuration, make sure that you have deployed an SSLO topology in BIG-IQ using the guided configuration. To do so, navigate to the

Configuration

tab, and select

SSL Orchestrator

. From there, you may select any of the following menus to edit an object independently:

SSL Configuration

,

Service

,

Service Chain

, or

Security Policy

.

To add one of these objects to a topology, navigate to the corresponding object within a topology workflow. At the top of the page, there will be two options for configuring your object:

Create New

or

Use Existing

. Select

Use Existing

to use a previously-configured object within this SSLO configuration.