Bug ID 1679869

Bug Tracker
ID 1679869

Bug ID 1679869: [APM][SAML] import IdP metadata with signing/encryption certificate only imports signing cert, not encryption cert

Last Modified: Jan 17, 2025

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1

Opened: Sep 26, 2024

Severity: 3-Major

Symptoms

BIG-IP supports import of external SAML SP metadata to create SP-Connector objects. When such metadata file contains two certificates (one with 'signing' and one with 'encryption use) then BIG-IP will import certificate that is positioned 'second' in metadata twice.

Impact

Only the second certificate is imported.

Conditions

Imported metadata contains two certificates with different use types: 'signing' and 'encryption'

Workaround

Import certificates manually

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips