BIG-IQ 6.0.0 :: Management Interface Certificate :: Trusted CA's

Question

Anybody know how to replace the existing self-signed certificate on the management interface of the BIG-IQ platform with something signed by a CA? I attempted K52425065 however that did not work (for what it's worth, the "applies to" details of the article did not include 6.0.0).&nbsp;
Also - our proxy performs SSL inspection, and the BIG-IQ does not trust its CA. Because of this it cannot connect outbound such as to iHealth. Anybody know how to add a trusted certificate authority for outbound connections?&nbsp;

ryan77777 · Answer

So in regards to the first part... K52425065 gives you options for using your own certificate filenames. In order for this to work it has to be EXACTLY server.crt and server.key (so, not your own certificate filenames). Making that change, it then worked properly. However the article states to restart httpd when you really need to restart webd.&nbsp;
Still trying to figure out the trusted CA.&nbsp;

Forum Discussion

BIG-IQ 6.0.0 :: Management Interface Certificate :: Trusted CA's

Recent Discussions

How to Renew F5 Device Certificate

How to export a list of paired external service providers from APM?

BIG-IP Edge Endpoint Inspection Failure pre-VPN

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Related Content

Re: Management Certificate

Automating certificate lifecycle management with HashiCorp Vault

Traffic Management User Interface Vulnerability: The Fix and Temporary Mitigation Options

Configuring Smart Card Authentication to BIG-IP Management Interface

management interface failover

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS