I was upgrading F5 device certificate that was scheduled to expire. After importing the newly signed certificate from the certificate authority, I lost access to the management user interface (UI). I secured shelled into the device and ran a status check on the httpd service

🗡️
bigstart status httpd

which confirmed that the httpd server was down. When I tried restarting the httpd service with the command

🗡️
bigstart start httpd

I got this error prompt.

**httpd[30456]: [ssl:emerg] [pid 30456] SSL Library Error: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
**Starting httpd: [FAILED]

This meant that the certificate I uploaded and the key on file did not match. To quickly get access back to the TMUI, I navigated to the httpd configuration folder.  Easiest way to regain access is to re-generate a new device certificate using this command;

🗡️
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -sha256 -keyout /config/httpd/conf/ssl.key/server.key -out /config/httpd/conf/ssl.crt/server.crt

Then I restarted the httpd and tomcat services

🗡️
bigstart start httpd

When I refreshed my browser I had regained access to the F5 TMUI. I then navigated in the TMUI to device certificate and updated the certificate with the new key and all is working well.

NOTE: I noticed that after successfully installing the new certificate and key, there was a yellow banner on the top of the F5 screen stating "Error getting auth token from login provider."  For some reason this prevented traffic from flowing in the device. To resolve the issue, I had to restart the BIG-IP REST daemons restjavad and restnoded

🗡️
tmsh restart sys service restjavad restnoded