Getting error while trying to create Clientssl Profile

Question

I have extracted cert and key in pem format from pfx file and imported them to F5.&nbsp;
Now when i try to create Clientssl profile I get below error:&nbsp;
01070313:3: Error reading key PEM file /config/ssl/ssl.key/CERT_SBWEB_INTERNAL.key for profile PROFILE_SBWEB_INTERNAL: error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib&nbsp;
What can I check for this?&nbsp;

kevin_stewart · Answer

Did you export the cert and key from pfx with or without a passphrase on the key?&nbsp;
What platform are you running? On 11.x platforms you can import directly from pkcs12.&nbsp;

dipta_03_149731 · Answer

Thanks for replying Kevin.
Its a old version device 9.4.x so I had to run different set of open ssl commands to extract the pem file sfrom pfx and then imported to the device and it worked fine.&nbsp;
openssl pkcs12 -nocerts -out sbwebkeys.pem -in ime_sbweb_f5_cert/ export.pfx
openssl pkcs12 -in ime_sbweb_f5_cert\ export.pfx -nocerts -out sbwebkeys.pem&nbsp;

Forum Discussion

Getting error while trying to create Clientssl Profile

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

TLS server_name extension based routing without clientssl profile

Capture Virtual Server Clientssl Profile & Ciphers Mapping - Bash

Question on configuring SNI clientSSL Profile

limit to number of clientssl profiles

Getting Started on DevCentral

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS