CA not trusted/unknown New SSL Certificate

Question

Hello everyone,&nbsp;i've replaced a new SSL certificate on my F5 (not self signed) and the F5 doesn't know the authority. What is the best way to implement the CA on the F5?On normal Servers i link the Company CA that signed it via the ssl.conf of apache. Is it possible to just add the CA to the .crt file?

mayur_sutare · Answer

If you are talking about client or server SSL certificate then you need to import valid certificate file and its associated private key file. Once it is imported, you need to call both files under client or server SSL profile. Once it is configured, you need to call created SSL profile to Virtual Server.

In some cases, you also need chain of certificate or bundle certificate which is used for creating chain of trust between the CA that signed the certificate and the CA that is already trusted by the recipient of the certificate.

The step for configuration is given in below article,

https://support.f5.com/csp/article/K13302

Hope it helps!

Mayur

Forum Discussion

CA not trusted/unknown New SSL Certificate

1 Reply

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

Re: Management Certificate

Automate Let's Encrypt Certificates on BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

My Security+ Certification Journey

Certifications for security professionals