Forum Discussion
F5 Device Administration/configuration - Vulnerabilities
- Dec 09, 2020
Hi,
Using self-signed certificates can pose a number of challenges, severals attacks have successfully exploited self-signed certificates (MitM attack, Drye Banking Trojan etc.)
So, even if your device is only access by network administrators, it's not something to be advised (there's a risk if one of the admin account or admin access is compromised)
A good article on this topic : When are self-signed certificates acceptable?
Regards
Hello NetWork.
Migrated from another thread:
Self-signed certificates cannot be used to authenticate sites.
Base on this, someone accesing one specific device cannot be sure that the device which is accesing belong to the person/company that user thinks it belongs.
To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.
Regards,
Dario.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com