Forum Discussion

Nimbostratus

Mar 07, 2014

The remote server's SSL certificate has already expired - Plugin ID 15901

Hi Experts We are running Nessus Scan against our F5 BIG-IP LTM devices and getting following alert:- The remote server's SSL certificate has already expired - Plugin ID 15901 Now prob...

Noctilucent

It may be that Nessus is assuming an expired certificate if it receives a mismatch between the CN of the certificate and the URL it used to access the LTM. As long as your certificate on the interface is still valid (whether it's a custom certificate or a self-signed should not matter), then this is a false positive finding.

Cory_50405

Noctilucent

Mar 10, 2014

Correct. So the Nessus finding should only be a real finding if the certificate you have loaded on the management interface is actually expired. Otherwise, it's a false positive. Doesn't matter which CA (or self signed), since you accessing by IP address.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

The remote server's SSL certificate has already expired - Plugin ID 15901

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Automating ACMEv2 Certificate Management on BIG-IP

Trouble applying GoDaddy certificate to a virtual server

Understanding Server SSL Trusted Certificate Authorities on BIG-IP

Re: Management Certificate

Automate Let's Encrypt Certificates on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS