For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Carlos_Garibay_'s avatar
Carlos_Garibay_
Icon for Nimbostratus rankNimbostratus
Jan 08, 2016

SSL Certificate

Hello, I have created a CSR and has been signed by a third party vendor. I followed the instructions from the F5 documentations and have installed the first part of the Cert. Where I'm lost is in...
BIG-IP
BIG-IP Access Policy Manager (APM)
security
Carlos_Garibay_'s avatar
Carlos_Garibay_
Icon for Nimbostratus rankNimbostratus
Jan 08, 2016

ok I found it thanks, now how do set to use that cert versus the default cert? So when users go to webtop its using the correct cert?

 

Thanks Carlos

 

  • Hannes_Rapp's avatar
    Hannes_Rapp
    Icon for Nimbostratus rankNimbostratus
    Jan 08, 2016
    This SOL could be interesting for you - https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14783.html Create a new (custom) clientssl profile where you specify 1) Cert 2) Key 3) Chain (Cert of the authority intermediary who signed your CSR, i.e. DigiCert CA). For Chain, import the Intermediary CA as any other regular Certificate. Before doing so, make sure you have the correct type of Intermediary CA which matches your certificate Issuer Name 1 to 1; you may run into issues if you use incorrect type. If unsure, ask for the correct Intermediary CA Certificate from the same person who sent you the Signed Public Certificate. When you're finished with the creation of your custom clientssl profile, go back to Virtual Server settings, and apply it as `clientssl profile`; click Update. Done! It's never a bad idea to finalize certificate updates by validatating with your favourite online SSL checker, i.e. www.digicert.com/help It will let you know if the certificate is correctly installed.