Forum Discussion

ghost-rider_124's avatar
ghost-rider_124
Icon for Nimbostratus rankNimbostratus
May 03, 2013

Wild Card Certificate use on F5 LTM

Hi Experts

 

I need to use wild card certificate on F5 to offload SSL for my exchange OWA. Should I need to create CSR first or I can upload wildcard certificate (exported from exchange server) on F5 without any issue. Currently, I am using wild card certificate on my exchange server, web server.

 

5 Replies

  • You can do either, though since you already have a wildcard cert, there's probably no reason to get a new one with the CSR process. You need to export both the key and cert, or a .pfx/.p12 file to import to the F5.
  • Hi Kevin

     

     

    Thanks for the reply. What the thing is I have only certificate, not the key separately. The Verisign just gave us the wildcard certificate with their root certificate. So I just need to import that wildcard certificate?

     

     

    Thanks
  • What the thing is I have only certificate, not the key separately. The Verisign just gave us the wildcard certificate with their root certificate.private ke is required. it is definitely in your exchange server. when CA signs certificate, only certificate is used. private key should never be sent to CA.
  • Correct. The key is in there somewhere. Windows will (hopefully) allow you to export the pair as a .pfx or .p12 file which is an encrypted container. You can import that directly to the F5.
  • These instructions helped me.

     

    http://www.digicert.com/ssl-support/pfx-import-export-iis-7.htm

     

    Once you have the PFX file then you can import them into f5. Choose the IIS type and enter your password.

     

    Then you can rock it.

     

    I just finished doing it. I was having the same issue.

     

    Pat