AltostratusOn my test VM, I added certificate from my internal CA to the ca-bundle and it looked fine. I updated the firmware from BIGIP-13.1.0.2 to BIGIP-13.1.0.6
After the update the certificate from my internal CA is no longer in the ca-bundle. Is this the default behavior?
NoctilucentI suspect, its compatibility things in internal CA. Which couldn't compile in latest version, So F5 firmware removed particular certificate. Can you please re-add internal CA in "ca-bundle" and load the configuration and see the logs.
So far we have observed few Bugs in BIGIP-13.1.0.6 and F5 confirmed the same. One of the Bug
ID 705442
CumulonimbusAfter the update the certificate from my internal CA is no longer in the ca-bundle. Is this the default behavior?
It is not recommended to edit default objects in BigIP. this can cause issues during upgrades.
If you want to add a CA in ca-bundle, create your own and add both internal CA and ca-bundle certificates.
The problem is F5 provides Certificate authorities bundle upgrades which may be included in upgrade packages. the last one was released on 04/16/2018 and 13.1.0.6 was released on 04/30/2018...