Device Trust BigIp 6900

Question

Hi,&nbsp;
I am currently trying to set up device trust for a pair of BigIP 6900 using 11.5.2 HF1.
I set up all the basic stuff like vlans, IPs etc. und now I wanted to create a self signed certificate with my company informations to create the device trust.&nbsp;
For that I tried to renew the device certificate, but I get the following error message on both machines:&nbsp;
com.f5.tmui.util.Syscall$CallException: Error: Failure to create certificate server with error: Key file named "server.key" must exist to create a corresponding certificate..&nbsp;
I seem to have an existing server.key, but its only 1024 bit in size.&nbsp;
Can you tell me what's my problem and how to solve it?
Is my problem, that the server.key is to small? But how can I create a bigger one (e.g. 2048)?&nbsp;
Thanks in advance&nbsp;
Regards, Thorsten&nbsp;

benedikt_mayer_ · Answer

Hi Thorsten,&nbsp;
actually not sure whats causing this for you, but 
have a look at  - it details steps to generate a new device certificate and key as well, so once done you´re good to proceed :-)&nbsp;
Kind regards,
Benedikt&nbsp;

joe_m · Answer

I am having the same issue on the same version. I did the command in the SOL you listed there and then tried to do it again in the WebUI and still got the same error. I am seeing if I can find a way to fix it but it might be a bug. If I can't figure it out, I will be opening a ticket with F5.

fat_138651 · Answer

I switched both devices off over night, and now the error is gone. &nbsp;
Maybe it is just a bug in 11.5.2. I hope 11.6.1 will come out soon, and I will try it again with the new Version.&nbsp;

craigr_123571 · Answer

I had the same problem when I specified a subject alternate name.  I removed that field and the create worked.&nbsp;

Forum Discussion

Device Trust BigIp 6900

4 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Related Content

Creating device trust / trust-domain through iControl REST Call(s)

Re: BigIP Report

Trust your CDN, but not completely

Overview of Trusted Client IP Headers in F5 Distributed Cloud Platform

Device Management