Forum Discussion

Nimbostratus

Dec 09, 2020

F5 Device Administration/configuration - Vulnerabilities

Can someone help me to understand using self-signed certificate for BIGIP LTM box falls in non-compliant as long as our device will be accessed only by network administrators?

MVP

Dec 12, 2020

Hello NetWork.

Self-signed certificates cannot be used to authenticate sites.

Base on this, someone accesing one specific device cannot be sure that the device which is accesing belong to the person/company that user thinks it belongs.

To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.

Regards,

Dario.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 Device Administration/configuration - Vulnerabilities

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

F5 Device Administration/configuration - Vulnerabilities

Coordinated Vulnerability Disclosure: A Balanced Approach

Windows Critical RCE Vulnerability, Malicious Solana-py, and EDRKillShifter

Enhancing Software Security with Rust: A Solution to Common Vulnerabilities

Cyberattacks On Embassies, Threat Actor Using ChatGPT To Write Malware, and MMS Vulnerabilities

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS