Differences

This shows you the differences between two versions of the page.

--- howtos:let_s_encrypt_-_how_to_issue_certificates_with_cloudflare_dns_and_f5_rest_api [27/02/2022 17:23] – [Configuration] domingo
+++ howtos:let_s_encrypt_-_how_to_issue_certificates_with_cloudflare_dns_and_f5_rest_api [05/08/2022 13:17] – [Let's Encrypt with Cloudflare DNS and F5 REST API] domingo
@@ Line 6: / Line 6: @@
 All provisioning and deployment of the certificates are done via the API on the Big-IP to make it as location agnostic as possible.
+----
+//Update 05-08-2022:// After some interesting customer cases I implemented the option to use token authentication instead of basic authentication. Token is now default in the hook script.
+It would seem like that using basic authentication is putting extra stress on the BigIP and it could fail to complete the requests.
+You can find some of the errors you might see here, all worked around using tokens:
+[[https://cdn.f5.com/product/bugtracker/ID1025513.html|Bug ID 1025513: PAM Authenticator can cause authorization failure if it fails to lock /var/log/tallylog]]
+[[https://cdn.f5.com/product/bugtracker/ID1035661.html|Bug ID 1035661: REST Requests return 401 Unauthorized when using Basic Auth]]
+[[https://cdn.f5.com/product/bugtracker/ID1010341.html|Bug ID 1010341: Slower REST calls after update for CVE-2021-22986]]
+If you are using external authentication you must use token based authentication as it is the only one supported:
+[[https://support.f5.com/csp/article/K15234904|K15234904: Basic or Token Auth for a successful F5 REST API call?]]
+----
 ===== Requirements =====