Forum Discussion

Nimbostratus

Dec 09, 2020

F5 Device Administration/configuration - Vulnerabilities

Can someone help me to understand using self-signed certificate for BIGIP LTM box falls in non-compliant as long as our device will be accessed only by network administrators?

MVP

Dec 12, 2020

Hello NetWork.

Self-signed certificates cannot be used to authenticate sites.

Base on this, someone accesing one specific device cannot be sure that the device which is accesing belong to the person/company that user thinks it belongs.

To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.

Regards,

Dario.

Forum Discussion

F5 Device Administration/configuration - Vulnerabilities

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

F5 Device Administration/configuration - Vulnerabilities

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Vulnerability CVE-2023-45648 in ApacheTomcat

Device Management