Bug ID 1280441: When no parameter is given for 'system aaa tls create-self-signed-cert', encrypted key-type does not ask for passphrase

Last Modified: Feb 08, 2024

Affected Product(s):
F5OS None(all modules)

Known Affected Versions:
F5OS-A 1.5.0, F5OS-A 1.5.1

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.7.0

Opened: Mar 23, 2023

Severity: 3-Major

Symptoms

When requesting a self-signed-cert, if the key-type is encrypted, then a passphrase is required. However, if no parameters are supplied, the key-type is then requested as a mandatory parameter, but won't ask for passphrase if encrypted type is selected.

Impact

An error indicates that the passphrase wasn't supplied, but it never was asked for in these conditions.

Conditions

No parameters passed to the config: system aaa tls create-self-signed-cert.

Workaround

Specify key-type as a parameter and then if encrypted, the passphrase will be requested.

Fix Information

The key-type is no longer a mandatory field and simply defaults to RSA. There is no conflict with not passing any parameters.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips