Forum Discussion
Jeff_Knights_44
Nimbostratus
NimbostratusRenewing device certificate - safe?
I have an HA pair of Big-Ip 3900's, and the device certificate has expired (self signed)
can I safely renew it without fear of causing any stoppages to the customer facing web applications?
this...
Might be helpful to identify which device certificate you're referring to.
If you're referring to the device certificate for UI admin page, that would be here:
/config/httpd/conf/ssl.crt
http://support.f5.com/kb/en-us/solutions/public/7000/700/sol7754.html
As mentioned, this shouldn't affect connectivity through the SSL Virtual Servers.
The device trust certificate for HA would be here:
/config/ssl/ssl.crt/dtca.crt
http://support.f5.com/kb/en-us/solutions/public/13000/900/sol13946.html
It would be best to take a maintenance window if updating these since you have to break the device trust to update them.