F5 Logo MyF5
Search
  1. MyF5 Home
  2. Knowledge Centers
  3. ARX
  4. ARX CLI Maintenance Guide
  5. GUI Maintenance
Manual Chapter : GUI Maintenance

Applies To:

Show Versions Show Versions

ARX

  • 6.3.0
Manual Chapter
Table of Contents | << Previous Chapter | Next Chapter >>
12 
 
GUI Maintenance
Overview
Removing the SSL Key
Restarting the GUI
Overview
The GUI has an unsigned SSL key that it uses to authenticate with HTTPS clients. This key is kept in a keystore file in the configs directory, acopia.keystore. When your browser first connects to the GUI and encounters this key, it issues a challenge similar to the following:
By clicking Yes, you accept the ARXs SSL key. Your client then recognizes the SSL key in future HTTPS connections.
The SSL key expires in one year. After the key expires, browsers warn that the key has expired. Use the instructions in this chapter to regenerate the SSL key.
Removing the SSL Key
The SSL key in stored in the acopia.keystore file in the configs directory. You can use the show configs command to view the contents of the configs directory, and you can use delete configs acopia.keystore to remove it. For example:
bstnA# show configs
 
configs
acopia.keystore Aug 9 11:20 1.2 kB
active.license Sep 15 15:19 3.4 kB
api-ssl.crt Aug 9 12:49 1009 B
api-ssl.key Aug 9 12:49 891 B
arx.dossier Sep 15 15:19 3.0 kB
boot-config Sep 16 00:46 1.5 kB
eeprom.dat Sep 16 00:13 119 B
encoded.license Sep 15 15:19 3.5 kB
nlad_smb.conf Sep 16 00:13 44 B
nlad.conf Sep 16 00:43 24 B
oem-menu-log.txt Sep 16 00:07 3.0 kB
omDbVersion.info Sep 16 00:11 280 B
startup-config Sep 16 01:31 7.3 MB
unparsed.license Sep 15 15:19 3.4 kB
 
bstnA# delete configs acopia.keystore
bstnA# show configs
 
 
configs
boot-config May 18 03:25 1.3k
omDbVersion.info May 18 03:00 279
running May 17 10:25 7.5k
startup-config May 18 11:28 6.2M
 
bstnA# ...
Restarting the GUI
You must stop and restart the GUI to create a new SSL key. You can accomplish this by stopping any management access to HTTPS, then re-opening access. Specifically, use the management access https command to work with HTTPS, then use no permit all followed by permit [vlan | mgmt | all]. For detailed instructions, refer to Permitting Access, on page 8-5 of the ARX® CLI Network-Management Guide.
For example, the following command sequence stops and restarts the GUI, then shows that the GUI recreated the acopia.keystore file:
bstnA# config
bstnA(cfg)# management access https
bstnA(cfg-mgmt-access[HTTPS])# no permit all
bstnA(cfg-mgmt-access[HTTPS])# permit all
bstnA(cfg-mgmt-access[HTTPS])# show configs
 
 
configs
wwmed.keystore Aug 9 11:20 1.2 kB
active.license Sep 15 15:19 3.4 kB
api-ssl.crt Aug 9 12:49 1009 B
api-ssl.key Aug 9 12:49 891 B
arx.dossier Sep 15 15:19 3.0 kB
boot-config Sep 16 00:46 1.5 kB
eeprom.dat Sep 16 00:13 119 B
encoded.license Sep 15 15:19 3.5 kB
nlad_smb.conf Sep 16 00:13 44 B
nlad.conf Sep 16 00:43 24 B
oem-menu-log.txt Sep 16 00:07 3.0 kB
omDbVersion.info Sep 16 00:11 280 B
startup-config Sep 16 01:31 7.3 MB
unparsed.license Sep 15 15:19 3.4 kB
 
bstnA(cfg-mgmt-access[HTTPS])# ...
Table of Contents | << Previous Chapter | Next Chapter >>
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5 Networks, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information