Forum Discussion
Chase_Abbott
Feb 05, 2015Employee
What was the exact nature of the vulnerability? Was it due to the default self-signed certificate the device creates during installation? If so, this can be replaced with a CA-signed cert of your choice.
To create new certificates for use with a CA see here but if you're using GTM/Link Controllers/iQuery, you'll want to make sure the device certificate made available to all other BigIPs.
I recommend browsing through the support articles previously linked to ensure any unique configurations do not break due to replacing the device certificate.