F5003 - F5 BIG-IP TLS/SSL Certificate Error
Agent error code #F5003 indicates that the TLS handshake with the F5 BIG-IP management endpoint failed. The agent reached the device but could not verify its certificate.
Common causes include:
- The BIG-IP presents its default self-signed management certificate, which is not signed by a trusted CA
- The certificate is expired, or its subject/SAN does not match the hostname in the Knocknoc backend URL
- The agent host does not trust the CA that signed the management certificate
Steps to Resolve
Use a Trusted Management Certificate (recommended)
- Install a management certificate on the BIG-IP signed by a CA the agent host trusts
- Ensure the certificate's subject or SAN matches the hostname used in the Knocknoc backend URL
Or Allow the Self-Signed Certificate
- In the Knocknoc backend configuration for the F5 Knoc, enable the Insecure option to skip certificate verification
- Save and retry. Only do this on a trusted management network
Still Having Issues?
We can help you out, contact us at [email protected].