Forum Discussion
Renewing SAN certificate with existing key via CLI
I'm looking for a way to renew existing certificates that have SANs by using the existing key via command line. We have a requirement to use the existing key as we have had issues in the past by generating a new key every time. I've had a look at https://support.f5.com/kb/en-us/solutions/public/11000/400/sol11438.html on how to create a new SAN certificate however it only seems to work when creating a new key and certificate. Currently we are only requesting certs via the internal CA which doesn't have support for SANs to be added on their end so it must be included in the request. The current script that we use for renewing certs with no SANs works fine on the F5 however certs with SANs can't be properly renewed.
Any help would be much appriciated, I've had to look at ways to do it via tmsh or OpenSSL and there seems to be no suitable way around it.
- IainThomson85_1Cumulonimbus
read - https://support.f5.com/kb/en-us/solutions/public/13000/400/sol13471.html ?
- IainThomson85_1Cumulonimbus
Apologies , That's only when generating new Keys - 12 months ago I remember having issues with SAN renewal, but we were in a position to renew the keys in the end.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com