Upload an SSL certificate for a liveness test

You can upload an SSL certificate for a specific liveness test that uses the security protocols. This certificate will override the domain-wide default SSL client certificate if your domain has one.

Before you begin

Make sure that you selected RSA as the SSL key type when you created a PEM-formatted SSL certificate that you want to upload to an GTM domain. If you selected an SSL key type other than RSA, for example, EC private key, you will receive the following error:
certificate is not valid PEM format
The domain must have Add and Edit scope access to perform this procedure. The domain must have Add and Edit scope access to perform this procedure.

Use this procedure to upload an SSL certificate for a specific liveness test that uses the secure protocols (HTTPS, POPS, SMTPS, and TCPS).
Note: If you choose the HTTPS protocol, you have the option to select Certificate Verification and to upload an SSL Client Certificate. These actions are independent of each other. The Certificate Verification checkbox is for server certification. The Manage SSL Client Certificate is for client certification.

How to

  1. On the Traffic Management Domains, select the domain that you want to revise. The Edit Domain Settings page appears.
  2. Click the Properties tab and select a property from the property list. The property review page appears with the liveness test form.
  3. On the review page's liveness tests form:
    If you do not have a liveness test with a secure protocol Click Add New Liveness Test to create a liveness test with a security protocol using the steps in Add a liveness test to an existing domain and continue to Step 4.
    If you have an existing liveness test with a secure protocol Select a liveness test name and continue to Step 4.
  4. Click Manage SSL Client Certificate. A new window opens displaying information to manage the certificate upload.
  5. To upload a PEM-formatted certificate file, click Choose File. If Subject and Expires fields appear under the Certificate Status heading, then the upload is successful.
    If the certificate has not expired, a Clear button appears under the status and the Save button is enabled.

    If the certificate has expired, a message appears indicating that status. Expired certificates are not allowed.

    If you want to remove the SSL certificate, click Clear.

    Click Cancel to return to the Settings tab.

  6. Click Save if the certificate information is correct.
    Clicking the Save button displays a green banner with the text
    The action has been completed.at the top of the page. You will also see green text that reads "SSL Certificate has been modified" next to the Manage SSL Client Certificate button. 
  7. Click Save Liveness Test to save the changes.
  8. Click Add to Change List.
    The Properties tab appears. A pencil icon next to a property indicates that the liveness test has been modified. A green check mark indicates that the test is a new one.
  9. Click Review Change List.
  10. Review the Change List Dialog changes, validate them, add a required comment, and click Activate Domain to save the changes.
    For more information on the Change List Detail dialog, see Change List Detail Dialog.