Forum Discussion
F5 HTTP API Request
Hey, srinidhi12
I saw another user (TimRiker) helping you on the other post, and I'm inclined to repeat his answer: if you're using a self-signed certificate, you have to add that very certificate to Java's trust store. If you're using a certificate signed by a private CA, you need to add the root (and possibly the rest of the chain) to the trust store.
See if this link will help, and if you imported the management certificate in this way: https://connect2id.com/blog/importing-ca-root-cert-into-jvm-trust-store
I would also recommend that you verify the certificate you're receiving from F5 is the one you're expecting. You can do that with a traffic capture on your java client machine, or in F5 itself with:
# tcpdump -nni mgmt host <IP of java client> -s 0 -w <filename>
This assumes you're connecting to the management interface, normally called "mgmt"; you can confirm that with "ifconfig". Break the tcpdump with Ctrl-C, and then download the file with SCP, open in wireshark, confirm SSL handshake includes what you expected.
/Mike
Hi, thanks for the response.
I have imported the device certificate in my Java keystore.
Just wanted to know if only the certificate is enough or do I need "key" to access the server from java.
Thanks!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com