Forum Discussion
NimbostratusDevice Certificate - Hostname vs Device Name
Does the hostname of an F5 LTM relate to device certificate in any way? I need to obtain a CA signed certificate for the web admin gui.
If my F5 device name is ltm1.F5.com and the hostname is different, for example LTM001, I can request a cert for ltm1.f5.com? and that will work ok when typing https://ltm1.f5.com in the browser or should the hostname match the device name.
Thanks
4 Replies
Brad_ParkerCirrus
They do not have to match, but my OCD always makes them that way.
Carefull If you're using third party signed certs for Device certs with LTMs communicating with GTMs via iQuery. The certs need to be valid for Client Auth as well as server auth or you will run into issues.
Check out this SOL, and go to the end for the client auth concern I mentioned - but read the whole SOL ;)
Lets use two hands ;) https://support.f5.com/kb/en-us/solutions/public/15000/600/sol15664.html
David_StoutYou can also use a SAN Cert across all devices to simplify the management of certs across multiple devices and simplifies the iQuery issue with setting up multiple chains / trusts between devices.
