Forum Discussion
Add HA Pair as GTM Servers
Having issues adding my LTM's as servers on my GTM. This is a closed environment LTM HA Pair and 1 GTM. 1 layer 2 switch that all three devices are attached. When run the utility bigip_add, I am seeing the following in my gtm log:
May 10 05:58:35 hw8900-16 err gtmd[16765]: 011ae0fa:3: iqmgmt_ssl_connect: SSL error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (336134278)
I had renewed all the device certs and added the device certs to system>device certs> Trusted Device Certificates as well as DNS>glsb>servers>Trusted Server Certificates
I am not sure how to move from here. I am using 11.5.4 HF4 tmos version.
Thanks,
Wallace Branche
- SurgeonRet. Employee
Are you using self-signed cert or 3d party CA signed cert for device certificate? If you are using 3d party signed cert then device cert must include CA cert + all intermediate CA cert + device cert.
https://support.f5.com/csp/article/K7717
- ebenNimbostratus
Hi
Do a re-run of bigip_add. That should fix it.
HTH
- amintejCirrus
Did you add GTM certificate or GTM CA's certificate to "LTM > System > Device certificate > Trusted Device Certificate" ? If I understand correctly the problem is LTMs don't trust in GTM.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com