Unexpected Error: UCS loading process failed
Hello, I'm taking the LTM Essentials course online. There are different labs and before each lab, I need to upload a UCS file and restore it. But when I do the restore, I receive the following error: Unexpected Error: UCS loading process failed. It is impossible to have the restore working. Somebody would have an idea how to troubleshoot this? Thank you, VinchSecurity Certificate Inventory and Management
Hello! Several years ago, I was tasked with oversight for our security certificate inventory and management after we encountered unintended outages because no change management was in place to insure everyone was on the same page. Our change management process is considerably better as we're using actual change requests instead email. 😃 Our previous security certificate inventory was a privately held spreadsheet by the person managing most of our certificate renewals and update. If our Nagios admin cannot configure an alert to check a cert, we're at risk of missing a certificate expiration. We have self signed certificates as well as certificates purchased from vendors. We're now relying on report from Nagios based on certificate checks configured by our Nagios admin. This data goes into Splunk and I receive a weekly report with certificate data. I'm using a MS Team channel that includes systems admins as well as database and application development resources. I alert the group when a certificate or certificates are expiring in 30 days. I've been told that no certificate renewals can be done more than 30 days prior to expiration. In short, I nag until someone submits a change request with a scheduled maintenance window to update the certificate(s) prior to expiration. Although our current process is much better than when I first became involved, improvement is needed so I'm asking for suggestions/recommendations. What security certificate inventory management solutions are you using? What are your security certificate management processes? Thank you! Jodi
Log message code list?
SOL16197: Reviewing BIG-IP log files describes local traffic log message format as: Message code is split into: Message code: The code that is associated with the message. The code is comprised of the following sub-codes: Product Code: The first two hex digits form the product code. For example, 0x01 is the BIG-IP product code. Subset Code: The third and fourth hex digits are the subset code. For example, 0x2a is the subset code for LIBHAL. Message Number: The next four digits form the message number within a module. Severity Level: The last digit between the colon symbols is the severity level, with 0 being the highest severity level. Are the Product and Subset codes listed anywhere? Would help in processing log messages further in Splunk or similar tool.
Upload SSL certificate/key via REST API
Hello All, Looking to see if anyone knows of a method of uploading certs and keys to a BIGIP unit, using a method similar to the following example, but using REST instead of the SOAP API. Example: puts bigip["Management.KeyCertificate"].certificate_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [ File.open(cert['cert_file']).read ], true) puts bigip["Management.KeyCertificate"].key_import_from_pem('MANAGEMENT_MODE_DEFAULT', [ cert['cert_name'] ], [ File.open(cert['key_file']).read ], true) Thanks!
Health Monitors
Hi, I have created a health monitor with the following config: Interval 5 Timeout 16 Send String GET /test/test.jsp Receive String HTTP 1\.(0|1) 200 Reverse No Transparent No Alias address ALL Alias Service Port ALL But whne I go to add it to a specific node choosing NODE SPECIFIC I cannot see the monitor I created inside the list. Do I need to do anything else to make the monitor a node specific one? Thanks.
