Fail to use encrypted private key in clientssl profile

Question

When I try to use encrypted private key when I create clientssl profile, it replies with the following error and fail to proceed 
&nbsp;  
&nbsp; 01070313:3: Error reading key PEM file /config/ssl/ssl.key/ssl_eapTestDES.key for profile pClientssl_eapTest: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch 
&nbsp;  
&nbsp; I had tried to use the same key/cert pairs in unencrypted form and it works without any problem. I had also tried to encrypt the key in DES, DES3, AES128, AES192 and AES256, all of them give the same error

hoolio · Answer

Which LTM version are you running?  Have you configured the passphrase for the key in the client SSL profile?  I think the ability to use an SSL key with a passphrase was added in 9.2.  For details on configuring and verifying a server cert/key in a clientssl profile, you can check SOL10167:   
&nbsp;      
&nbsp;   SOL10167: Overview of the ClientSSL profile   
&nbsp;   https://support.f5.com/kb/en-us/solutions/public/10000/100/sol10167.html   
&nbsp;  
&nbsp; Aaron

Forum Discussion

Fail to use encrypted private key in clientssl profile

1 Reply

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Can I use F5 Big-IP WAF as HoneyPot

SSH forward proxy

Multiple Default Gateways

ASM Sec-CH-UA-Full-Version-List backquote in Header

Scenarios where Service Policy should be used over iRule and Vice versa

Related Content

Let's Encrypt

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Automate Let's Encrypt Certificates on BIG-IP

Load Balancing TCP TLS Encrypted Syslog Messages

Encrypting Cookies

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS