Our solution enables user to download a new client certificate from CA, in realtime. Once done they have to wait for a while, e.g. half minute, before accessing our web applicatin site. Otherwise, F5 which required mutual ssl, throws an error saying "certificate is not yet valid". My understanding is that CA & F5 may have slight clock difference and therefore the newly created client cert is not technical valid yet.
Is there a way to make F5 more lenient on the certificate's "not before" value, so that the minor clock difference won't shut out the client?