For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Sulaiman_85782's avatar
Sulaiman_85782
Icon for Nimbostratus rankNimbostratus
May 29, 2014

Alert Message

Hi

 

I am getting the following alert getting generated on all my devices. May 29 14:42:57 bigip01 alert big3d[6569]: 012b600f:1: SNMP_TRAP: SSL cert from IP ::ffff:10.10.100.10:42162 WILL EXPIRE on Jun 9 08:34:08 2014 GMT

 

I cant seem to see what Certificate is about to expire. The IP Address that is being mentioned is the IP address of the Enterprise Manager. Any ideas how I can track down which Certificate it is that is causing the alert?

 

application delivery
LTM
management
TMOS

4 Replies

  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    May 29, 2014

    BIG-IP appliances managed by EM should store the EM certificate in /shared/em/ssl.crt

     

    • Sulaiman_85782's avatar
      Sulaiman_85782
      Icon for Nimbostratus rankNimbostratus
      May 30, 2014
      Hi Cory I checked the folder and the only 2 files that are there have certificates that expired in April 2014.
  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    May 30, 2014

    EM's device certificate that it uses to identify itself should be here:

     

    /config/httpd/conf/ssl.crt/server.crt

     

    http://support.f5.com/kb/en-us/solutions/public/8000/100/sol8187.html

     

  • DisSsha_22912's avatar
    DisSsha_22912
    Icon for Nimbostratus rankNimbostratus
    May 06, 2015

    Hi,

     

    Our certificat on EM will expire the 19th of May 2024. But all my F5 managed by it have in /shared/em/ssl.crt a certificat that will expire this 19th of May 2015. Do you know how can I update the EM certificat on my F5s ?

     

    Because we are sending a lot of SNMP trap due to this certificat expiration.

     

    Regards,