Updating UCC Certificate in a Production Environment

Question

I don't have an environment where I can test this right now, but in our production environment we use UCC SSL certificates to support 100 websites. All of our virtual servers use the same profile, which references this 100 website UCC SSL cert. If I update this cert with a new one because we add website 101 to the UCC cert, do you believe this will cause an interruption to end users?&nbsp;
We plan on doing this off hours but I was just hoping someone might have had some experience with it and so I could give some expectations to end users.&nbsp;

kevin_stewart · Answer

In lieu of a better answer, or any answer, I'd say it depends on BIG-IP version and platform. In the early days, a config load like this may have taken several seconds and would have interrupted every affected VIP. As of v11 and newer platforms, the interruption is likely very minimal. Nonetheless, if a user is trying to perform an SSL handshake at the exact moment that the certificate configuration is changing, they would certainly experience a hiccup, and I'm not sure there's any way around that. I'd say it's always a best practice to do this sort of configuration change during maintenance periods.

Forum Discussion

Updating UCC Certificate in a Production Environment

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

NGINX Plus R35 for Federal Environments: FIPS-Compliant algorithms with ACME Certificates in AWS

Product certification

Automating Certificate Management on F5 BIG-IP

Security Best Practices for F5 Products

App Migration across Heterogeneous Environments using F5 Distributed Cloud

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS