Forum Discussion

Nimbostratus

Jun 08, 2011

Certificate removed from ca-bundle between 10.2.0 and 10.2.1

This may be the wrong topic group for this one, if so apologies and please advise... I was recently involved in an upgrade from 10.2.0 to 10.2.1. After upgrading we had issues with an HTTPS...

config

design

Michael_Yates

Nimbostratus

Jun 10, 2011

If you look at the top of the ca-bundle.crt file, they list where they get the updates:

This is a bundle of X.509 certificates of public Certificate

Authorities. It was generated from the Mozilla root CA list.

Source: mozilla/security/nss/lib/ckfw/builtins/certdata.txt

Generated from certdata.txt RCS revision 1.56

You can download updated CA-Bundles here: http://curl.haxx.se/docs/caextract.html

That might be a good place to start investigating why it was removed, but you can also add it back in if you like. It is just a collection of the most common root certificates.

Hope this helps.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Certificate removed from ca-bundle between 10.2.0 and 10.2.1

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

Creating, Importing and Assigning a CA Certificate Bundle

Automating ACMEv2 Certificate Management on BIG-IP

Re: Management Certificate

Automate Let's Encrypt Certificates on BIG-IP

F5 Certified Administrator NGINX certification now available!

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS