SSL Certificate (.pfx) import

Question

Hi All, 
As client SSL cert is expired, I have received a new cert from customer with .pfx extension. While trying to import that via
System -&gt; File Management -&gt; SSL Certificate List -&gt; Import -&gt; PKCS 12
I have been prompted to enter a password. Is it a random password I can choose or I need to ask our customer to provide me that password. The customer actually generated the CSR and get that signed by CA.

youssef1 · Answer

Hi,
when your client to generate the PFX he had to protect the PFX with a password (it's a best practice), especially since the PFX contain your private key. So you don't have to enter a random password but you have to asked to your customer the password that he configured/entered during PFX generation. More You may also be asked for the private key password if there is one!
Just for information, when you create a pfx using openssl for example you use this kind of command (create the pkcs12 file that will contain your private key and the certification chain):
openssl pkcs12 -export -inkey your_private_key.key  -in result.pem -name my_name -out final_result.pfx
You will be asked to define an encryption password for the archive (it is mandatory to be able to import the file in IIS for example). 
Regards,

Forum Discussion

SSL Certificate (.pfx) import

Recent Discussions

How to export a list of paired external service providers from APM?

How to Renew F5 Device Certificate

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Statistics ›› Analytics : HTTP : Overview

Related Content

Import certificate as pfx format

Creating, Importing and Assigning a CA Certificate Bundle

Automating ACMEv2 Certificate Management on BIG-IP

Help F5 Transform the BIG-IP Administrator Certification

Automate import of SSL Certificate, Key & CRL from BIG-IP to BIG-IQ

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS