Forum Discussion
r23_78178
Nimbostratus
NimbostratusCertificate update
Hi,
I recently updated a certificate for a client. I did this before. I use the CLI because it is easy.
I did something like this :
echo 'BEGIN CERTIFICATE
> /config/ssl/ssl.crt/example.net.crt'
It worked then but now it did not work. Apparently the profile using the certificate had a passphrase . Last time i also updated the key this time only the certificate.
This is what the profile looked like :
profile clientssl example.net {
defaults from clientssl
key "example.net.key"
cert "example.net.crt"
passphrase ""
}
Any ideas on the behavior ? Do you know what I can do in the future to avoid such issues but still add certificates so simply ?
nitassEmployee
It worked then but now it did not work. what did it not work? what was the error? how did you know it did not work?
r23_78178The customer checked the new certificate and it still showed the expiration date of the old certificate despite the fact that I had overwritten it. Not sure what browser they used.- nitasshave you done "b load" or "update" the ssl profile?
sol10561: The BIG-IP system may not use a renewed SSL certificate
http://support.f5.com/kb/en-us/solutions/public/10000/500/sol10561.html?sr=18707405 - r23_78178Okay , I will use that in the future.
Thanks. - r23_78178BTW - is there some way to use the "b load" command in a non dissruptive way ?
- nitassBTW - is there some way to use the "b load" command in a non dissruptive way ?i do not think so.