Forum Discussion
Chase_Abbott
Feb 05, 2015Employee
All 3 vulnerabilities are due to the device self-signed cert created by the BigIP during setup. This can be replaced with a CA-signed cert, this can be a purchased public cert or an internal CA; any self-signed cert will fail your security test. The link I sent earlier will provide those instructions. You'll want to make sure the cert you create of course matches the FQDN/Device name of the BigIP and then you should be able to pass those vulns.
The F5 support site has a lot of good information on creating these certificates depending on what type of module config your using.
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-concepts-11-4-0/12.html