Forum Discussion

Nimbostratus

Oct 24, 2016

TCP-Out-Of-Order Packets on new sha 2 certificates

Hi all, we just try using new sha2 certificates on the F5 LTM 12.0 and saw the errors below for one of our HTTPS web services. On the certificate ciphers we are keep it as DEFAULT. What could be miss...

application delivery

BIG-IP

Doran_Lum

Nimbostratus

Oct 24, 2016

Yes correct, when i import the certificate, I use the pkcs12(iis) option and put the password of the certificate.

How do i check if there's a password on the key ?

On the CA, I usually export the certs together with the private key and put in the password. It will then be exported as pfx format.

I also just check on the cert and key. Both matches as below

[adm@Host:Active:Changes Pending] certificate_d  openssl x509 -noout -modulus -in /config/filestore/files_d/Common_d/certificate_d/:Common:Test.crt_77214_1 | openssl md5
(stdin)= 5773260e200ee58e7c89ae5a374d9a64

[adm@Host:Active:Changes Pending] certificate_key_d  openssl rsa -noout -modulus -in /config/filestore/files_d/Common_d/certificate_key_d/:Common:Test.key_77211_1 | openssl md5
(stdin)= 5773260e200ee58e7c89ae5a374d9a64

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)