Bug ID 920481: REST GET on /mgmt/tm/sys/file/ssl-key returns bad/wrong passphrase

Last Modified: Oct 10, 2022

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.2.6, 14.1.2.5

Fixed In:
14.1.2.8

Opened: Jun 24, 2020

Severity: 2-Critical

Symptoms

GET request on REST endpoint /mgmt/tm/sys/file/ssl-key returns the incorrect value for passphrase.

Impact

Passphrase value is incorrect. Autoscale AWS deployments fail when trying to deploy a BIG-IP v14.1.2.5 or v14.1.2.6 AMI. This is the result of a change in how ssl-key passphrases are being returned in REST calls.

Conditions

This occurs when getting the ssl-key information, and the key contains a passphrase. -- Using BIG-IP v14.1.2.5 or v14.1.2.6 to deploy Amazon Machine Image (AMI).

Workaround

None.

Fix Information

Can now deploy from BIG-IP v14.1.2.5 or v14.1.2.6 AMI when using passphrase from a GET request on REST endpoint /mgmt/tm/sys/file/ssl-key.

Behavior Change

Changes in REST framework from 14.1.2.3 to 14.1.2.5. GET request on REST endpoint /mgmt/tm/sys/file/ssl-key returns the the passphrase in a different format and also changes on every request.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips