Bug ID 526223: Renewing default.crt through openssl command shows previous expiry date while listing in TMUI

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:
12.1.0

Opened: Jun 03, 2015

Severity: 4-Minor

Related Article: K46527534

Symptoms

TMUI 'System :: File management :: SSL Certificate List default certificate shows previous expiration date until MCP config is force loaded.

Impact

GUI will still shows the old expiration date. This is a GUI SSL Certificate list page issue; the certificate details page shows the correct expiration date, and the device works as expected with the newly generated certificate.

Conditions

The default.crt is renewed using the command line (because there is no way to renew the default certificate is not using the GUI).

Workaround

To reflect the new certificate expiration date, have MCP force load config as described in K13030: Forcing the mcpd process to reload the BIG-IP configuration (https://support.f5.com/csp/article/K13030).

Fix Information

TMUI now shows latest expiration date even if default.crt renewed using the command line.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips