Forum Discussion

srinidhi12's avatar
srinidhi12
Icon for Cirrostratus rankCirrostratus
Feb 22, 2023

F5 HTTP API Request

Hi All, Does the F5 server support an HTTP option (instead of HTTPS and TLS) for accessing the API, if yes please let me know how to configure for HTTP connection instead of https.    Thanks!
application delivery
cloud
devops
event
security
Mike757's avatar
Mike757
Icon for MVP rankMVP
Feb 27, 2023

Hi srinidhi12,

No, you must never import private keys when dealing only with trust. Keys are used for encryption/decryption, not for trust. In this case it seems you're using a self-signed certificate for F5 management, so it's like a special case of a Root CA establishing the trust for itself (by definition, a Root CA is self-signed).

But... reading between the lines in your question makes me believe things are not working yet. Or are they?

If not, I would suggest the procedure in my previous post: get a traffic capture, confirm the certificate your java machine is getting from the F5 box is the one you are expecting to see there. Or in other words, if that certificate is signed by the one you have imported into java trust store.

/Mike

  • srinidhi12's avatar
    srinidhi12
    Icon for Cirrostratus rankCirrostratus
    Feb 27, 2023

    Thanks Mike757 

    for now the certificate is recognised by Java, but during the https connection request, I get the below error in the SSL verification:

    javax.net.ssl.SSLPeerUnverifiedException: Hostname 10.10.10.10 not verified:

    (10.10.10.10 -F5 management IP)

    Now I have a query that if any other step is required to verify the hostname.