F5 Device Administration/configuration - Vulnerabilities

NetWork
Nimbostratus

Can someone help me to understand why using a self-signed certificate for a BIGIP LTM box falls under non-compliant, as long as our device will be accessed only by network administrators?

1 ACCEPTED SOLUTION

Lidev
MVP

Hi,

Using self-signed certificates can pose a number of challenges; several attacks have successfully exploited self-signed certificates (MitM attack, Dyre Banking Trojan, etc.).

So, even if your device is only accessed by network administrators, it's not something to be advised (there's a risk if one of the admin accounts or admin access is compromised).

A good article on this topic: When are self-signed certificates acceptable?

Regards


2 REPLIES

Hello NetWork.

Migrated from another thread:

Self-signed certificates cannot be used to authenticate sites.

Based on this, someone accessing one specific device cannot be sure that the device being accessed belongs to the person/company that the user thinks it belongs to.

To be more precise, someone could be performing a MITM attack in that communication and you couldn't be aware of that.

Regards,

Dario.

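The point made in the replies above, as an added example that is not part of either reply or of any F5 tooling: two independently generated self-signed certificates with the same subject show identical names and the same validation error, so only a fingerprint recorded out of band tells them apart. The hostname, file names and the `device`/`lookalike` labels are constructed for illustration, and OpenSSL 1.1.0 or later is assumed.

```shell
#!/bin/sh
# Added example. HOST and file names are constructed; requires OpenSSL >= 1.1.0.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
HOST="bigip-mgmt.example.internal"   # hypothetical management hostname

# Create a self-signed certificate for $HOST as $WORK/<name>.pem.
make_self_signed() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$HOST" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# Subject and issuer: the names an administrator sees in the warning dialog.
names() { openssl x509 -in "$WORK/$1.pem" -noout -subject -issuer; }

# SHA-256 fingerprint of the certificate.
fingerprint() { openssl x509 -in "$WORK/$1.pem" -noout -fingerprint -sha256; }

# First validation error code when no trust anchors are configured.
verify_error() {
  openssl verify -no-CAfile -no-CApath "$WORK/$1.pem" 2>&1 |
    grep -o 'error [0-9][0-9]*' | head -n1
}

# True only if the certificate matches the fingerprint recorded out of band.
matches_pin() { [ "$(fingerprint "$1")" = "$2" ]; }

make_self_signed device      # stands in for the certificate on the appliance
make_self_signed lookalike   # generated independently, same subject name
PIN=$(fingerprint device)    # recorded once over a trusted channel (e.g. console)

echo "device:    $(names device | tr '\n' ' ') -> $(verify_error device)"
echo "lookalike: $(names lookalike | tr '\n' ' ') -> $(verify_error lookalike)"
for c in device lookalike; do
  if matches_pin "$c" "$PIN"; then echo "$c: fingerprint matches pin"
  else echo "$c: fingerprint MISMATCH, do not enter credentials"; fi
done
```

Replacing the self-signed certificate with one issued by a CA the administrators' workstations already trust removes the need for this manual fingerprint comparison.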