SSL Certificate Import

Question

Hi all... post 1 here, so please go easy on me.  Tried searching for this topic, but not much success: 
&nbsp;  
&nbsp; Trying to import an SSL certificate, to offload HTTPS for a Sharepoint web farm using BIGIP LTM 6400 9.3.1. The cert currently is installed on WFE 1 (Win2008, IIS7).  
&nbsp;  
&nbsp; If I export the cert from IIS, the only option I have is to export as password-protected .PFX.  When I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, including the private key, again the only option I have is to export as password-protected .PFX.  Same results when I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, this time NOT including the private key, and export as .CER.  Same results when I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; I've confirmed that the name on the cert matches what I've entered for "Certificate Name" on the import screen, and neither time have I been prompted to supply the password. 
&nbsp;  
&nbsp; I was told by support that I needed to upgrade to get the password-protected file to work, so we went to 10.0.1 on a test system running the same config as production...now I get: 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, including the private key, again the only option I have is to export as password-protected .PFX.  Same results when I import certificate (Local Traffic &gt;&gt; SSL Certificates &gt;&gt; Import SSL Certificates and Keys), I get: 
&nbsp; IMPORT FAILED: CERTIFICATE/KEY MISMATCH 
&nbsp;  
&nbsp; If I export from MMC&gt;Certificates, this time NOT including the private key, and export as .CER. This time it imports successfully, but still doesn't prompt me for a password. 
&nbsp;  
&nbsp; What am I doing wrong on the 9.3.1 version? 
&nbsp; How do I separate the private key from the .PFX to import into another area? 
&nbsp;

mark_sullivan_5 · Answer

Not sure if this is what you need but check it out.  It worked for me! 
&nbsp;  
&nbsp; http://vegan.net/lb/archive/05-2002/0018.html

johns · Answer

Go to tech.f5.com and look up solution 6549.  I think that will do what you need.

kevin_mcd_51656 · Answer

you guys are incredible... thanks so much, that worked like a CHARM!!!

Forum Discussion

SSL Certificate Import

3 Replies

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

Re: Automate import of SSL Certificate, Key & CRL from BIG-IP to BIG-IQ

Import ssl certicate bundle through iControl as user with Certificate Manager role

Implementing SSL Orchestrator - Certificate Considerations

SSL Certificate Report

Re: Management Certificate