Updating Expired WebSite Certficates

isn't it SSL certificate in LTM?

 

 

sol7574: Monitoring SSL certificate expiration on the BIG-IP system

 

http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7574.html

 

 

Renewing an SSL certificate

 

http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm_configuration_guide_10_1/ltm_ssl_certif_config.html

 

 

sol7573: Renewing a Certificate Authorities signed certificate that requires a new key without overwriting the current key and certificate

 

http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7573.html

 

 

sol10561: The BIG-IP system may not use a renewed SSL certificate

 

http://support.f5.com/kb/en-us/solutions/public/10000/500/sol10561.html

 

Thanks for responding.

 

 

Clarifying what exactly i wanted below....

 

 

If you goto local traffic-->SSL certficates , you will get a list of current certficates and their status. Here, i see few websites listed with expired certficates as well.

 

 

Wanted to know whats the significance of this. Is it that after re-newing the certficates of the websites through the webserver , we need to import those certficates here so that ASM treats these sites as legitimate? (Thought once the certs are renewed through the webserver it was enough)

 

 

regards

 

Nik

Is it that after re-newing the certficates of the websites through the webserver , we need to import those certficates here so that ASM treats these sites as legitimate?if bigip does SSL offloading, yes you have to import renewed certificate and private key (if private key is changed) to bigip. actually, it can also be done the opposite way - renewing certificate on bigip and then copying certificate and private key (if changed) to web server.