CirrusHi, The certificate is going to expire. So we need to update the certificate. Do you think we still need to update its key? It looks like that the key does not have expiration. Thank you
EmployeeThe certificate is going to expire. So we need to update the certificate. Do you think we still need to update its key? It looks like that the key does not have expiration.
That depends on how you renewed your certificate. Some people, generate a new pair of public/private key when they renew the certificate. In such case, the renewed certificate will be as good as a brand new certificate. In such cases, the private key will change and hence you need to import it. If you are using the same old key pair (public/private key) for the renewed certificate, then there is no need to import the key again.
NoctilucentIt's simple, if your vendor release certificate based on your old csr, in that case just renew certificate only. If you have generated new csr then update both(key & cert) in lb.
CirrusIf we generate csr, how/where can we get the key?
NoctilucentCool.. Log in to the Configuration utility.
Navigate to System > File Management > SSL Certificates List.
Search "CSR name which you have generated on LB" example: xyz.geo.com
click on "xyz.geo.com" --> You will see two tab 1. Certificate 2. Key
Click on Key Tab " export it"
https://support.f5.com/kb/en-us/solutions/public/14000/600/sol14620.html
CirrusThat means that I can use the new certificate and the old key, right?
NoctilucentMatch the hash checksum value before applying certificate.
NimbostratusYes, if the conditions mentioned above allows.