F5 Device Administration/configuration - Vulnerabilities

Question

Can someone help me to understand using self-signed certificate for BIGIP LTM box falls in non-compliant as long as our device will be accessed only by network administrators?

dario_garrido · Answer

Hello NetWork.&nbsp;Self-signed certificates cannot be used to authenticate sites.Base on this, someone accesing one specific device cannot be sure that the device which is accesing belong to the person/company that user thinks it belongs.&nbsp;To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.&nbsp;Regards,Dario.

Answer

Thanks &nbsp; I am going to close this question as duplicative with https://devcentral.f5.com/s/feed/0D51T00007xnOrhSAE - any further clarification or conversation can happen over there. As a reminder - if Dario or Lidev helped you out please help them out (and others) by upvoting or Selecting As Best.

Forum Discussion

F5 Device Administration/configuration - Vulnerabilities

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

F5 Device Administration/configuration - Vulnerabilities

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS