Forum Discussion
LTM HA Pair SSL Certs
- Aug 30, 2022
Hello, client certificate repository is syncronized in a HA cluster so if you need to renew client certificate you can just do it on one unit and then perform config sync. Usually, import new key first and then import new certificate. If you're creating a new object, you will also need to modify clientSSL profiles and refer the new certificate/key pair and eventually new trust chain as well.
- Aug 30, 2022
Hello,
Sorry, I though he was asking about the device certificate itself. For the client ceritificate for any service, it can be synced betwen the HA pair as CA_Valli mentioned.
Hello, client certificate repository is syncronized in a HA cluster so if you need to renew client certificate you can just do it on one unit and then perform config sync. Usually, import new key first and then import new certificate. If you're creating a new object, you will also need to modify clientSSL profiles and refer the new certificate/key pair and eventually new trust chain as well.
- Aug 30, 2022
Hello,
Sorry, I though he was asking about the device certificate itself. For the client ceritificate for any service, it can be synced betwen the HA pair as CA_Valli mentioned.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com