Profile ssl server using pass phrase

Question

Hola, buenas&nbsp;Necesito actualizar un certificado publico, pero me encuentre un par de profile ssl server usando pass phrase, el escenario es que me pasaran un certificado en formato pfx con su clave de proteccion.Entonces cuando actualice el certificado en el profile ssl server, debo ingresar la clave de proteccion del pfx en el pass phrase , previamente importado ?O cuando actualice automaticamente f5 cambia el pass phrase ?&nbsp;&nbsp;No tengo mucha experiencia en f5 y es primera vez que me encuentro en este escenarioEncontre este articulo pero nose si lo estoy interpretando bien:https://my.f5.com/manage/s/article/K14806&nbsp;Gracias y saludos a tod@s&nbsp;

melissa_c · Answer

Hello jcbr2002​&nbsp;
Providing the community with a translation of your post.&nbsp;
"Hello, good day,
&nbsp;
I need to update a public certificate, but I've encountered a couple of SSL server profiles using a passphrase. The situation is that I've been given a certificate in PFX format with its protection key.
&nbsp;
So, when I update the certificate in the SSL server profile, do I need to enter the PFX protection key in the passphrase field, after importing it?
&nbsp;
Or does F5 automatically change the passphrase when I update the certificate?
&nbsp;
I don't have much experience with F5, and this is the first time I've encountered this scenario.
&nbsp;
I found this article, but I'm not sure if I'm interpreting it correctly:
https://my.f5.com/manage/s/article/K14806
Thank you and greetings to everyone."
&nbsp;
-Melissa&nbsp;

bramsbytes · Answer

Unless the private key that is inside the PFX is also protected by a password you wouldn't need to put in a Passphrase in the Server SSL profile.

Personally, I have never encountered an encrypted private key and just providing the password while importing the PFX file was sufficient.

Did you create the CSR your self? If so: did you put a password while generating the private key? If yes: then you'll need that Passphrase on the Server SSL Profile, otherwise no, you don't need to provide a password for the private key.

jcbr2002 · Answer

Gracias BramsBytesNo, I didn't create the CSR file; the PFX file was given to me by another department. I don't know if they entered a password, but I assume not. In any case, if the current passphrase is the password used to import the current certificate, will it have any impact? Apparently not, but I'm checking with the previous administrators to see what they did.&nbsp;Gracias y saludos&nbsp;

Forum Discussion

Profile ssl server using pass phrase

3 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Software Downgrade from version 17.x.x to 15.x.x

Error diskmonitor

CPU utilization of F5OS on r2600

sslprovide (--f5 ssl) does not generate CLIENT/SERVER_TRAFFIC_SECRET on server-side TLS traffic

Hardware replacement i2800 to r2600

Related Content

SSL Profiles Part 7: Server Name Indication

iControl REST Cookbook - Virtual Server Profile (LTM Virtual Profiles)

Server Profile SNI

SSL Profiles Part 9: Server Authentication

F5 MCP(Model Context Protocol) Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS