SSL Certificate Import

Question

Hi all... post 1 here, so please go easy on me.  Tried searching for this topic, but not much success: 
&nbsp;  
&nbsp; Trying to import an SSL certificate, to offload HTTPS for a Sharepoint web farm using BIGIP LTM 6400 9.3.1. The cert currently is installed on WFE 1 (Win2008, IIS7).  
&nbsp;  
&nbsp; If I export the cert from IIS, the only option I have is to export as password-protected .PFX.  When I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, including the private key, again the only option I have is to export as password-protected .PFX.  Same results when I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, this time NOT including the private key, and export as .CER.  Same results when I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; I've confirmed that the name on the cert matches what I've entered for "Certificate Name" on the import screen, and neither time have I been prompted to supply the password. 
&nbsp;  
&nbsp; I was told by support that I needed to upgrade to get the password-protected file to work, so we went to 10.0.1 on a test system running the same config as production...now I get: 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, including the private key, again the only option I have is to export as password-protected .PFX.  Same results when I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, this time NOT including the private key, and export as .CER. This time it imports successfully, but still doesn't prompt me for a password. 
&nbsp;  
&nbsp; What am I doing wrong on the 9.3.1 version? 
&nbsp; How do I separate the private key from the .PFX to import into another area? 
&nbsp;

mark_sullivan_5 · Answer

Not sure if this is what you need but check it out.  It worked for me! 
&nbsp;  
&nbsp; http://vegan.net/lb/archive/05-2002/0018.html

johns · Answer

Go to tech.f5.com and look up solution 6549.  I think that will do what you need.

kevin_mcd_51656 · Answer

you guys are incredible... thanks so much, that worked like a CHARM!!!

Forum Discussion

SSL Certificate Import

3 Replies

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Load Balancing IIS Servers

remove www from domain

Front azure traffic from F5 LTM onpremises

F5 BigIP APM VPN some LDAP field are base64 encoded

Two Arm Deployment mode using PBR

Related Content

Automate import of SSL Certificate, Key & CRL from BIG-IP to BIG-IQ

Import certificate as pfx format

SSL Certificate Report

Understanding Server SSL Trusted Certificate Authorities on BIG-IP

Import ssl certicate bundle through iControl as user with Certificate Manager role

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS