What use of ca-bundle? Can I remove it?

Question

Hi everyone&nbsp;
As subject , What use of ca-bundle? &nbsp;
Can I remove it? because It's always alert customer that some Certificate in ca-bundle is expired.
and remove only "that expired certificate" is troublesome (many box , many expired cert)&nbsp;
Or Is there a way that we can config user-alert to not alert "ca-bundle certificate" expiration?&nbsp;
Thank you very much&nbsp;

kridsana · Answer

right now we use this SOL to monitor certificate expiration&nbsp;
https://support.f5.com/kb/en-us/solutions/public/14000/300/sol14318.html&nbsp;
Not sure if it can exclude ca-bundle?&nbsp;

vijay_e · Answer

As long as you are not utilizing the ca-bundle as part of any client ssl profile, I think it is okay to remove it. &nbsp;

joe_jordan · Answer

Sorry for the late reply here, but there is now a deployment guide and iApp template that can assist you in updating the CA bundle that ships with the system. This allows you to add and remove certificates. See http://f5.com/pdf/deployment-guides/f5-ca-bundle-dg.pdf

shaun_simmons1 · Answer

Awesome!!  Added to knowledge archive  --I will be using this soon! &nbsp;

nobody96_211663 · Answer

Could you share the Iapp CA-Bundle? Is no longer available in downloads or through the pointer of the document f5-ca-bundle-dg.pdf.&nbsp;
Thank you&nbsp;

Forum Discussion

What use of ca-bundle? Can I remove it?

6 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

2026 301a exam

F5OS login with admin/root failed via console

UCS Encryption Question

Related Content

Creating, Importing and Assigning a CA Certificate Bundle

Remove alerts showing r-series LCD/Dashboard.

Remove Quotation marks

remove www

Removal Cookies on Client Browser

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS