Last Modified: May 29, 2024
Affected Product(s):
F5OS Velos
Fixed In:
F5OS-C 1.6.0, F5OS-A 1.3.0
Opened: Aug 26, 2022 Severity: 3-Major
When the LDAP configuration on Auth Settings is updated via the webUI, with TLS key not previously configured, it is updated to be an empty string. This is resulting in empty string encryption.
TLS key is set to empty string and is encrypted.
Add/Modify LDAP configuration on Auth Settings screen.
One of the following: -- Use the F5OS CLI to modify authentication settings, rather than using the webUI. -- Use the webUI to edit authentication settings only when the TLS key is already configured, meaning, there is an encrypted value already present in TLS key field.
Updating LDAP configuration when the TLS key is not configured will not create a TLS key with empty string.