For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

m1978_295079's avatar
m1978_295079
Icon for Nimbostratus rankNimbostratus
Sep 07, 2018

SSL Certificate (.pfx) import

Hi All, As client SSL cert is expired, I have received a new cert from customer with .pfx extension. While trying to import that via System -> File Management -> SSL Certificate List -> Import -> ...
application delivery
devops
LTM
youssef1's avatar
youssef1
Icon for Cumulonimbus rankCumulonimbus
Sep 07, 2018

Hi,

when your client to generate the PFX he had to protect the PFX with a password (it's a best practice), especially since the PFX contain your private key. So you don't have to enter a random password but you have to asked to your customer the password that he configured/entered during PFX generation. 

More You may also be asked for the private key password if there is one!

Just for information, when you create a pfx using openssl for example you use this kind of command (create the pkcs12 file that will contain your private key and the certification chain):

openssl pkcs12 -export -inkey your_private_key.key  -in result.pem -name my_name -out final_result.pfx

You will be asked to define an encryption password for the archive (it is mandatory to be able to import the file in IIS for example).

Regards,