Bug ID 1102497: Allow for encrypted key with passphrase

Last Modified: Jun 04, 2025

Affected Product(s):
F5OS Velos(all modules)

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.4.0

Opened: Apr 25, 2022

Severity: 3-Major

Symptoms

Currently all OpenSSL keys are of type unencrypted which means that no passphrase is needed to use them. Although the keys are encrypted in ConfD, there is an insecure element in that the keys reside on the filesystem in the clear.

Impact

There is no support for encrypted keys with a passphrase.

Conditions

Always.

Workaround

None

Fix Information

With this new option added, keys with a passphrase are supported.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips