After replacing an SSL Certificate, the old SSL Certificate is still being returned by the LoadMaster
Sometimes after replacing an SSL Certificate on the LoadMaster, the old SSL Certificate can still be returned in the web browser when browsing to the Virtual Service's website immediately after the replacement.
Why is the old SSL Certificate still being presented to the client via the VIrtual Service after replacing it with a new SSL Certificate and how to fix this?
|Steps to Reproduce:|
|Cause:||This can sometimes happen when directly replacing the old SSL Certificate with the new SSL Certificate, while the old SSL Certificate is still assigned and in use on the Virtual Service.|
|Resolution:||One way to correct this behaviour is to navigate to Certificates & Security > SSL Certificates on the Web User Interface (WUI) of the LoadMaster, locate the SSL Certificate in question, find the Virtual Service IP under the Assigned VSs column and unassign it by moving it left to the Available VSs column and click Save Changes. Now undo these changes by reassigning the same Virtual Service IP again back to the Assigned VSs column and clicking Save Changes. Now try browse to the website again and verify that the new, correct Certificate is now being returned as expected.|
Methods of renewing SSL Certificate: