Forum Discussion

Nimbostratus

Aug 26, 2019

01070317:3: sslprofile's key and certificate do not match

I am renewing my cert in F5 LTM device, i am unable to renew the cert. Giving the error sslprofile's key and certificate do not match. same time i am trying to generate new CSR with same name i am no...

MVP

Aug 26, 2019

Hi,

Can you check whether the certificate matches the private key?

openssl rsa -noout -modulus -in <private key name>.key | openssl md5
openssl x509 -noout -modulus -in <certificate name>.crt | openssl md5

If the md5 values are same, create pfx certificate.

openssl pkcs12 -export -out <pkcs name>.pfx -inkey <private key name>.key -in <certificate name>.crt

Copy .pfx file to /shared/tmp/ folder and import it.

tmsh install sys crypto pkcs12 <pkcs name>.pfx from-local-file /shared/tmp/<pkcs name>.pfx passphrase <pkcs12 passphrase>

Forum Discussion

01070317:3: sslprofile's key and certificate do not match

Recent Discussions

BWC iRule

GTM Packet Capture command

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Related Content

Automating ACMEv2 Certificate Management on BIG-IP

Publish Virtual-SSLProfile-Certicate Relation

Re: Management Certificate

Automate Let's Encrypt Certificates on BIG-IP

My Security+ Certification Journey