Bug ID 1052929: MCPD logs "An internal login failure is being experienced on the FIPS card" when FIPS HSM is uninitialized.

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.6, 13.1.4, 13.1.4.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1

Fixed In:
17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6, 13.1.5

Opened: Oct 06, 2021

Severity: 3-Major

Symptoms

When MCPD starts, it may log an error message reporting an issue communicating with the onboard FIPS HSM. If the HSM is uninitialized, this message is erroneous, and an be ignored. Depending on the hardware platform, the message may be one of the following: err mcpd[12345]: 01b50049:3: FIPSUserMgr Error: An internal login failure is being experienced on the FIPS card. Please issue 'FIPSutil loginreset -r' followed by 'bigstart restart' for a password reset. You will need your FIPS Security Officer password to reset the password.. err mcpd[12345]: 01b50049:3: FIPSUserMgr Error: An internal login failure is being experienced on the FIPS card. The FIPS card must be reinitialized, which will erase its contents..

Impact

This message can be ignored when the FIPS HSM is not in-use, and is uninitialized.

Conditions

-- BIG-IP system with an onboard FIPS HSM, or a vCMP guest running on a BIG-IP system with an onboard FIPS HSM -- the FIPS HSM is not initialized, i.e. "fipsutil info" reports "FIPS state: -1".

Workaround

Initialize the FIPS HSM following the instructions in the F5 Platforms : FIPS Administration manual.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips