Forum Discussion

F5LearnerLNR's avatar
Jun 01, 2024

Unable to add R Series as Provider in BIGIP NEXT CM

Hi All ,

I am fairly new to BIGIP NEXT  so are many of you , I am trying to add my R Series Appliance to bigip NEXT CM as a  provider , but always getting the below error   "   DEVICE-00060: Internal error testing authentication  "

Read this article  DEVICE-00060: Internal error testing authentication (   and accordingly  created a SAN name certifcate for  my R series Applicance and tried again , but no luck this article is of really no use . I am searching many articles to see how to add a Provider to Bigip NEXT CM , not able to  find a single one except for the cloud docs article , which is of no use as to really how to add the Provider . Anyone who is expert in BIGIP NEXT can please help me .



Thank you 


3 Replies

  • Hi F5LearnerLNR,

    the support solution (K000139300: DEVICE-00060: Internal error testing authentication) actually tells you exaclty what to do.
    You must replace the private key and certificate for the webUI on your rSeries with another one, which contains a well formed SAN.
    Beginning from v20.2 the BIG-IP Central Manager requires that the VELOS or rSeries provider has a well formed SAN certificate.

    What does this actually mean? Let's say want to add your rSeries as a provider to the BIG-IP Central Manager with it's FQDN (example:, then this FQDN must be in the Subject Alternative Name (SAN) extension of the SSL certificate which is installed on your rSeries. The same applies if you want to add it by IP - in that case the IP has to in the Subject Alternative Name (SAN).

    In the K000139300 there is a link to which explains you with a step-by-step guide how to create such a certificate with a well formed SAN.

    Good luck

    • F5LearnerLNR's avatar
      Icon for Cirrus rankCirrus

      Hi Daniel ,


      Thanks for this detailed explanation and i read this article , and created SAN based certification for webUI , still i could not get rid of this error message  DEVICE-00060: Internal error testing authentication . And you know what even if i  give incorrect credentials it still gives the same error ,  so even if the credetials are right and the device is with  SAN certificate , i still get this error

      • Daniel_Wolf's avatar
        Icon for MVP rankMVP

        When you check your cert with the openssl , what does it say?

        └─$ openssl x509 -in my-rseries.crt -noout -text

        It should look like this:

                Version: 3 (0x2)
                Serial Number:
                Signature Algorithm: sha256WithRSAEncryption
                Issuer: C = DE, ST = Hessen, L = Bad Vilbel, O =, OU = IT, CN =
                    Not Before: Jun  2 14:11:41 2024 GMT
                    Not After : Jul  2 14:11:41 2024 GMT
                Subject: C = DE, ST = Hessen, L = Bad Vilbel, O =, OU = IT, CN =
                Subject Public Key Info:
                    Public Key Algorithm: rsaEncryption
                        Public-Key: (2048 bit)
                        Modulus: (removed)
                X509v3 extensions:
                    X509v3 Subject Alternative Name: 
              , IP Address:
                    X509v3 Subject Key Identifier: 
            Signature Algorithm: sha256WithRSAEncryption
            Signature Value: (removed)

        This part is important  X509v3 Subject Alternative Name.
        In this part you should find the DNS name of your rSeries, the IP Adress or both. DNS must be as DNS and IP must be as IP Address.