CSR instead of real certificate in SSL client profile

Question

Hi guys,&nbsp;I recently have seen at a customer a SSL profile which was referencing a certificate signing request and key + CA rather than the real certificate.While this seems strange, my question is if is there any impact in the functionality in having a CSR + root CA rather than the real one?

david_m · Answer

and this is working fine? how will the client see the CN and get the public key and check for cert validity and stuff like that?

bryan_t_ · Answer

It's should be a signed public key certificate, not a CSR in the client profile. I'm surprised the BigIP even let this happen.

livius · Answer

It shows "RSA Certificate, Key &amp; Certificate Signing Request" whereas other certificates show only "RSA Certificate &amp; Key". Does that actually mean that the CSR was generated on the LB itself?

bryan_t_ · Answer

yes that's correct.

b_s · Answer

Hi Bryan,I have the same situation, showing me "RSA Certificate, Key &amp; Certificate Signing Request" for a specific certificate. I have no other Content like that on our LB but only "RSA Certificate, Key " . What I've done was just to renew a certificate which was going to expire, sent it to be signed by our PKI and import the new certificate. I don't understand why the CSR is still there and how can I get rid of it. Is this happening because something wrong on my side when I generated the CSR or by my colleague who signed the certificate on PKI?&nbsp;Thank you!

Forum Discussion

CSR instead of real certificate in SSL client profile

Recent Discussions

ip x-forwarding

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Related Content

Re: Management Certificate

Server Side Profile not show the certificate

Certifications for security professionals

Certificate Expiry Email alert configuration

LTM Certificate expire

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS