Default certificate used for F5

Vendor

F5

Description

Many devices are pre-installed with a default SSL certificate. Generally, it's good practice to replace these to ensure security when accessing these devices. Indeni will alert of a default certificate it used.

Remediation Steps

Install a non-default certificate.Review https://support.f5.com/csp/article/K15664

How does this work?

This indeni script logs into the device through SSH and executes the command "openssl x509 -in /etc/httpd/conf/ssl.crt/server.crt -text -noout".

Why is this important?

Using the default management certificate could enable a potential attacker to perform a man-in-the-middle attack without administrators knowing it. This indeni alert checks if the default management certificate is used.

Without Indeni how would you find this?

An administrator can verify if the default management certificate is used by logging into the device via the web interface, clicking on "System" -> "Device Certficates". If "Certificate subject(s)" contains "localhost" the default certificate is used. While performing this check it would also be prudent to check if the certificate used in trusted by looking at the address bar of the browser.

View Source Code
single