Forum Discussion

Nimbostratus

Jan 11, 2012

Create SSL CSR Against existing Key

Hi there, We're coming from an existing Apache set-up, whereby all CSR's were generated by OpenSSL on a Linux server against a defined Private Key. This meant that these certificates were e...

config

design

hooleylist

Cirrostratus

Jan 11, 2012

If you have an existing cert and key imported to LTM and renew the cert, it should use the existing key. I'd test this with a dummy cert/key first, but I think it should work like that. Else, like Nitass says, you can use openssl to do this on the CLI.

Note that in v11, not all of the cert/key files are stored in /config/ssl/. They're now under /config/filestore/files_d/Common_d/ with links for default.crt, default.key, ca-bundle.crt going back to /config/ssl/. And you must use the GUI or tmsh to import certs and keys into the filestore. Modifying files in the filestore and reloading the config doesn't work anymore...

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Create SSL CSR Against existing Key

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Create a DevCentral account

Need to create irule

Creating a Credential in F5 Distributed Cloud to use with AWS

Create an external SNMPv3 monitor

Create Your Own Certificate Authority

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS