Wildcard Certificates

Question

Have an LTM running BIG-IP 9.3.1 Build 81.1 and am trying to import a wildcard certificate (*.domain.com). I generated the CER on the LTM. This process created the private key. Now, when I try to import the certificate I received from VeriSign, I get a certificate/key mismatch error. Are wildcard certs supported on the LTM?

michael_yates · Answer

Yes.  Wildcard SSL Certificates are supported from v9.0.x to v10.1.x. 
&nbsp;  
&nbsp; This is a solution that specifically includes v9.3.1 as capable of utilizing Wildcards (This Solution only covers the CSR Generation): 
&nbsp; SOL6823: Configuring multiple HTTPS sites on the same SSL client profile by creating a wildcard certificate request: 
&nbsp; https://support.f5.com/kb/en-us/solutions/public/6000/800/sol6823.html 
&nbsp;  
&nbsp; You might want to verify that your Certificate Store doesn't contain multiple Keys from previous attempts to generate a CSR to submit to your CA.

hoolio · Answer

Also, you can use Openssl to verify a cert and key match: 
&nbsp;  
&nbsp; https://support.f5.com/kb/en-us/solutions/public/6000/700/sol6746.html 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Wildcard Certificates

Recent Discussions

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Need Urgent BIGIP Trial License and VM Image

APM for banner and cert

How to Renew F5 Device Certificate

UCS backup not loading Big IP DNS pool

Related Content

Wildcard Certificate

Automating ACMEv2 Certificate Management on BIG-IP

Wildcard SSL Certificate Deployment on F5 LTM

Help F5 Transform the BIG-IP Administrator Certification

Re: Management Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS