F5 Device Administration/configuration - Vulnerabilities

Question

Can someone help me to understand using self-signed certificate for BIGIP LTM box falls in non-compliant as long as our device will be accessed only by network administrators?

dario_garrido · Answer

Hello NetWork.&nbsp;Self-signed certificates cannot be used to authenticate sites.Base on this, someone accesing one specific device cannot be sure that the device which is accesing belong to the person/company that user thinks it belongs.&nbsp;To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.&nbsp;Regards,Dario.

Answer

Thanks &nbsp; I am going to close this question as duplicative with https://devcentral.f5.com/s/feed/0D51T00007xnOrhSAE - any further clarification or conversation can happen over there. As a reminder - if Dario or Lidev helped you out please help them out (and others) by upvoting or Selecting As Best.

Forum Discussion

F5 Device Administration/configuration - Vulnerabilities

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Illegal Metacharacter in Parameter Name in Json Data

Cisco TACACS+ Config on ISE LTM Pair

AS3 declaration to set cookie to preferred

SSL Bridging and FQDN rewrite Policy

Checking for X-Forwarded-For against an Address Data-Group

Related Content

F5 Device Administration/configuration - Vulnerabilities

OpenSSH vulnerability

Mitigating Log4j Vulnerability using F5 BIG-IP

BYOEDR, Undetectable backdoor, WhoFi, Cyberattack to airline, and Clickjacking vulnerability

Coordinated Vulnerability Disclosure: A Balanced Approach

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS