Forum Discussion
Nimbostratus2 way ssl not working with open ssl generated certificates
The problem is Connection error: ssl_shim_vfycerterr:4530: certificate is not yet valid
If you are seeing this then its likely the time on you BIG-IP needs to synchronised.
Set a DNS server
System -> Configuration -> Device -> DNS add 8.8.8.8
Set an NTP Server
System -> Configuration -> Device -> NTP add pool.ntp.org
If the time does not update within a minute check you can reach your DNS server. From the command line
ping 8.8.8.8If the system has never been synced before then run the following...
service ntpd stop ntpdate pool.ntp.org service ntpd startThis will force time to sync no matter the time difference.
NacreousThe problem is Connection error: ssl_shim_vfycerterr:4530: certificate is not yet valid
If you are seeing this then its likely the time on you BIG-IP needs to synchronised.
Set a DNS server
System -> Configuration -> Device -> DNS add 8.8.8.8
Set an NTP Server
System -> Configuration -> Device -> NTP add pool.ntp.org
If the time does not update within a minute check you can reach your DNS server. From the command line
ping 8.8.8.8
If the system has never been synced before then run the following...
service ntpd stop
ntpdate pool.ntp.org
service ntpd start
This will force time to sync no matter the time difference.
NimbostratusThanks Kevin for the update. This is our lab device so we dont have a DNS as such, when you say time sync does that mean the Certificate Authority issued issued certificates and the LTM device clock should be in sync or the end machine which is accessing the URL should be in sync
