Forum Discussion
Thomas_Knutson_
Nimbostratus
May 13, 2011Random HTTP 400 Errors
We recently implemented two 3600 model devices with LTM and ASM running on them. We are primarily running tomcat applications on our back end servers on TCP 8080, and terminating the SSL requests on ...
Are the cert and key PEM encoded? If not, you'll need to convert them to PEM first. You can use openssl on LTM to do this. Just search for convert certificate on AskF5.
If the cert/key are in PEM format, you should see the following format:
-----BEGIN CERTIFICATE-----
MIIEPzCCA6gCAQEwDQYJKoZIhvcNAQEEBQAwgaMxCzAJBgNVBAYTAkVYMRYwFAYD
YEAUAk16xvH2y3cS3Zf3TVQA7lu4JGqiP8YBRjhHvvZwOm3IAYMlZ7OsURGEZkC
...
EeCDRJvnwAk1PK8YUJk5dWBF7u30ndaQ+Bov1vlAy1qGrTpg/N79rdqSjnU881Tb
JdhGUTzpSZKIwLLckSkxkzP/65NG6IxOr+i1oAVkBdJ1N48=
-----END CERTIFICATE-----
If you see multiple certs in the file, you'll want to split out the actual server cert from the rest. You can use openssl to print out details on the cert:
openssl x509 -in server.example.com.crt -noout -text
Check for the certificate subject to see which cert is which. Then copy out just the server cert. You can either copy the file to /config/ssl/ssl.crt/ or upload it via the GUI.
Once you have just the server cert imported, you can try to import the key through the GUI as well.
Aaron