Using the same 3rd party certificate for two devices in a device group?

Question

I currently use self-signed certificates on my cluster of LTMs running 11.5.3.  I would like to install 3rd party certificates.  
&nbsp;
If I generate a certificate that has subject alternative names that include the individual hostnames for the two devices as well as the name of the floating IP, can I apply that certificate to both devices?  Or will the device group sync have a problem with sharing a cluster with a device that has the same certificate?&nbsp;
So if my two devices are "ltm-1.example.com" and "ltm-2.example.com" and the name of the floating IP is "ltm-active.example.com", I'd have a certificate for ltm-active.example.com with ltm-1.example.com and ltm-2.example.com as SANs and I would install the same cert/key pair on both devices.&nbsp;
Thanks!&nbsp;

kevin_k_51432 · Answer

Greetings!&nbsp;
This article offers some background on the various device certificates. In short, the DSC certificates are different than the Configuration utility certificates. I believe (hope) you are going to be installing the certificate to access the Configuration utility?&nbsp;
https://support.f5.com/csp/article/K15664&nbsp;
Hope this helps!
Kevin&nbsp;

Forum Discussion

Using the same 3rd party certificate for two devices in a device group?

1 Reply

Recent Discussions

Why I could not post a comment

Priority Group Activation is not working

F5 Config - API Access on servers

iRule Approach to Mask Authorization Header for Bot Defense Logging – Validation Needed

F5 Device Management Certificate renewal

Related Content

How to Renew F5 Device Certificate

unsupported certificate error with device certificates

why the device certificate verify failed when the device certificate is not expired?

some questions on device Trust Certificate?

Restore configuration to GTM Sync Group device

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS