Forum Discussion
Mic_108850
Altostratus
Altostratusissue when renew certificate on BIG-IP v10.1
i renew the certificate for mydomaine
i imported the new one provided by Thawte using 'import' function on the existing certificate
it seems ok on the big-ip, i see the new...
Hamish
Cirrocumulus
CirrocumulusWrong terminology...
The key is is the secret part of the key pair that was created when you (Or someone else) created the CSR... (A CSR is the public key, plus attributes, e.g. cn= etc.).
The cert is the CSR that has been cryptographically signed by the CA's private key (So you can use their public key to check the signing).
It's the CERT that changes... Not the key... (For a renewal you take the same keypair and basically resubmit it to the CA for signing again wit a new expiry date - hence the cert is different). I'll reiterate again that I don't recommend reusing the same for a renewal. Much better to re-create a new keypair using the currently supported max length (Currently 2048 which is also the minimum you should be using).
H
