Bug ID 1692021: Incorrect BIG-IP device certificate being shown on BIG-IQ DNS Sync Group

Last Modified: Jun 19, 2025

Affected Product(s):
BIG-IQ DNS(all modules)

Known Affected Versions:
8.3.0

Opened: Oct 08, 2024

Severity: 3-Major

Related Article: K000141390

Symptoms

When navigating BIG-IQ's Devices > BIG-IP CLUSTERS > DNS Sync Groups > {sync group name}, incorrect or expired BIG-IP device certificate shows up for DNS sync group member(s) even though the actual BIG-IP device certificate is valid.

Impact

Misleading warning or information being presented in the BIG-IP UI when navigating Devices > BIG-IP CLUSTERS > DNS Sync Groups > {sync group name}.

Conditions

- Multiple SSL certificates present in the BIG-IP DNS' /config/httpd/conf/ssl.crt/ directory.

Workaround

Remove unnecessary SSL certificates from the affected BIG-IP DNS device's /config/httpd/conf/ssl.crt/ directory. Only the file 'server.crt' should be present.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips