Last Modified: Nov 22, 2021
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
11.3.0, 11.4.0, 11.4.1
Fixed In:
11.5.0, 11.4.1 HF9
Opened: Oct 07, 2013
Severity: 3-Major
Related Article:
K55614610
Certificate signing requests created by the BIG-IP system via GUI put SubjectAltName as an attribute not a extension.
Some CAs may fail to insert SAN when the CA signs the CSR bigip requested.
Using the GUI, create CSR and add SAN name.
Use tmsh to insert the SAN as an extension as described in SOL13471: Creating SSL SAN certificates and CSRs using the Configuration utility or tmsh at https://support.f5.com/kb/en-us/solutions/public/13000/400/sol13471.html.
Certificate signing requests created by the BIG-IP system via GUI now put SubjectAltName as an extension, which is correct behavior.