Big IP DNS Certificate issues

Question

Hi&nbsp;
I am reasonably new to F5 and am looking for some help in relation to Big IP DNS.
My predecessor had configured Big IP DNS with a trial license, then he left the company.
The trial has long expired but my company have decided to move forwards with Big IP DNS
I have licensed and allocated resources
This re-instated the original configuration(created by my predecessor)
Although all servers are in the down state
Several months back I renewed the management certificates of all devices and thought this might be related
So I ran bigip_add to add the new certificates to the Trusted Server Certificates but nothing had started working yet.&nbsp;
I see the following in the GTM logs&nbsp;
iqmgmt_ssl_connect: SSL error: error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert unsupported certificate (336151571)&nbsp;
Reading around this the un-support certificates seems to indicate I am using the wrong type of certificate, mine had been created using the CA using the webserver template, like the following
https://devcentral.f5.com/questions/can-san-certificates-be-used-for-device-certificates
Can anyone advise me as to whether this is still the case as this is some time ago (2012)
Many thanks&nbsp;

sjy2018_365312 · Answer

I have updated my certificates as suggested in the article that I have referenced. Everything is now working as expected&nbsp;

Forum Discussion

Big IP DNS Certificate issues

1 Reply

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

Regex issue

BIG-IQ Certificate

Decrypting BIG-IP Packet Captures without iRules

F5 GTM resolution issue

F5 BIG-IP per application Red Hat OpenShift cluster migrations