Forum Discussion

Luca_55898's avatar
Icon for Nimbostratus rankNimbostratus
Sep 09, 2011


Getting heaps of these messages in my syslog server:



SNMP_TRAP: SSL cert EXPIRED from IP ::ffff:203.42.xx.xx:62255



THe problem is that none of my SSL certs are expired and the public IP it lists is not even one that my company owns... its a random IP.



Any thoughts?


6 Replies

  • Hi Luca,



    Can you run tcpdump or something like it on your syslog server to see what the source IP is for the trap?



    How many LTMs do you have? Can you run checkcert -v on your LTMs to see if there are any expired certs? Maybe it's a default cert for the GUI?



  • We have numerous LTMs. This error is comming from two LTMs that are in a HA cluster.



    We have about 10 certs on this device, the earliest one expires in 2013.
  • Actually just looking around a bit under "System ›› Device Certificates ›› Trusted Device Certificates" there are a few certs that have exipred but i don't know what they are.



    There is one names - DHCP-217, My company





    localhost.localdomain, my company.



  • ...



    sorry forget it. i misunderstood the question.


  • Anyone got any other suggestions here?


    I can't see anything else that would be causing this.



    Might log a case with F5 anyway.
  • i understand you are correct. the message could be caused by device certificate.



    sol8187: Troubleshooting BIG-IP device certificates




    sol7466: The default validity length for BIG-IP SSL device certificates is one year




    feel free to open a ticket if you need any help. i do not know much about gtm anyway.