Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
12.0.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF1
Opened: Aug 17, 2015 Severity: 3-Major
When renew/overwrite the SSL key/cert/csr files using GUI/iControl, the file names are updated, however the contents of the files remain the same. It fails to replace the files but doesn't throw any error to notify the users.
The users could use unsuccessfully updated key/cert/csr without notifying that they are still using the old key/cert/csr until it really causes issues, for example, expired.
When renew/overwrite the SSL key/cert/csr files using GUI/iControl.
Delete the key/cert/csr and create them again using the same name, instead of using renewal/overwrite option in GUI/iControl to replace the existing key/cert/csr files.
With the fix, the key/cert/csr files can be successfully replaced using renewal/overwrite option in GUI/iControl.