Forum Discussion

Herman2024's avatar
Herman2024
Icon for Cirrostratus rankCirrostratus
Jan 06, 2025
Solved

why the device certificate verify failed when the device certificate is not expired?

hi, we have some GTM/DNS devices. One of them - DSN01 is shown down, but the error message is shown as below. SSL error: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify fa...
  • Jeffrey_Granier's avatar
    Jeffrey_Granier
    Jan 10, 2025

    Hello Herman2024  GTM iquery depends upon valid certificates.  This reference article Overview of BIG-IP device certificates (11.x - 16.x)  will go into details for  Trusted Device Certificates as well as  Trusted Server Certificates (DNS).  

     

    Device Cert Location --->  “Configuration Utility: Device Certificates” (System > Certificate Management > Device Certificate Management > Device Certificate | Device Key

     

    DNS Server Cert Location ---> ” (DNS > GSLB > Servers > Trusted Server Certificates)

     

    Check these stores and ensure there aren't any expired certifications etc.