Forum Discussion

Nimbostratus

Sep 02, 2015

SSL Certificate - Signature Verification Failed Vulnerability

Hi, i have following vulnerability on the scan.Can some body know how to fix this F5 ASM version 11.4 SSL Certificate - Signature Verification Failed Vulnerability CVSS Temporal...

ASM Advanced WAF

security

boneyard

MVP

Sep 07, 2015

not that much information (sure a whole lot of text on the issue, but that is just copy pasting).

i assume a basic vulnerability scan (probably with Qualys) was performed against the management interface of your BIG-IP?

in that case it probably doesn't like that you are using the the self signed BIG-IP server certificate which isn't signed by a CA the scanning tool knows. so to resolve this you have to put a certificate signed by a known CA on the BIG-IP: http://support.f5.com/kb/en-us/solutions/public/14000/600/sol14620.html

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Certificate - Signature Verification Failed Vulnerability

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Automating Certificate Management on F5 BIG-IP

Configure NGINX microgateway for MTLS termination and client certificate hash verification

OpenSSH vulnerability

Automating ACMEv2 Certificate Management on BIG-IP

Mitigating Log4j Vulnerability using F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS