BIG-IQ 6.0.0 :: Management Interface Certificate :: Trusted CA's

Question

Anybody know how to replace the existing self-signed certificate on the management interface of the BIG-IQ platform with something signed by a CA? I attempted K52425065 however that did not work (for what it's worth, the "applies to" details of the article did not include 6.0.0).&nbsp;
Also - our proxy performs SSL inspection, and the BIG-IQ does not trust its CA. Because of this it cannot connect outbound such as to iHealth. Anybody know how to add a trusted certificate authority for outbound connections?&nbsp;

ryan77777 · Answer

So in regards to the first part... K52425065 gives you options for using your own certificate filenames. In order for this to work it has to be EXACTLY server.crt and server.key (so, not your own certificate filenames). Making that change, it then worked properly. However the article states to restart httpd when you really need to restart webd.&nbsp;
Still trying to figure out the trusted CA.&nbsp;

Forum Discussion

BIG-IQ 6.0.0 :: Management Interface Certificate :: Trusted CA's

1 Reply

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

Re: Management Certificate

Traffic Management User Interface Vulnerability: The Fix and Temporary Mitigation Options

Automating certificate lifecycle management with HashiCorp Vault

management interface failover

Minimizing Security Complexity: Managing Distributed WAF Policies