Forum Discussion
hooleylist
Jan 11, 2012Cirrostratus
If you have an existing cert and key imported to LTM and renew the cert, it should use the existing key. I'd test this with a dummy cert/key first, but I think it should work like that. Else, like Nitass says, you can use openssl to do this on the CLI.
Note that in v11, not all of the cert/key files are stored in /config/ssl/. They're now under /config/filestore/files_d/Common_d/ with links for default.crt, default.key, ca-bundle.crt going back to /config/ssl/. And you must use the GUI or tmsh to import certs and keys into the filestore. Modifying files in the filestore and reloading the config doesn't work anymore...
Aaron