RSA Certificate & Key question

Employee

Sep 06, 2022

Sure. The questions asked were to attempt to understand the challenges. id_rsa keys are not used for TLS traffic, so you would not apply these to BIG-IP SSL profiles. You would normally use this type of key for SSH remote access to some system. You could also see these keys used in an AFM SSH proxy configuration:

You might have also used id_rsa keys for SSH public key auth to the BIG-IP: https://support.f5.com/csp/article/K13454

Here's some additional information you might find useful regarding TLS certs/keys:

BIG-IP SSL administration: https://techdocs.f5.com/en-us/bigip-15-1-0/big-ip-system-ssl-administration.html
Overview of client SSL profiles: https://support.f5.com/csp/article/K14783
Overview of server SSL profiles: https://support.f5.com/csp/article/K14806
Managing BIG-IP SSL certificates and keys: https://support.f5.com/csp/article/K17379

Otherwise, AD remote user logon (to the BIG-IP) does not use id_rsa (SSH) keys: https://techdocs.f5.com/en-us/bigip-17-0-0/big-ip-systems-user-account-administration/remote-user-account-management.html

Forum Discussion

RSA Certificate & Key question

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Re: Becoming F5 Certified - BIG-IP Administrator Certification - 101 & 201 Exams

it-sa Expo & Congress in Germany - DevCentral Visits

Re: Management Certificate

Certifications for security professionals

My Security+ Certification Journey

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS