Bug ID 1976833: Unable to change F5OS primary key with LDAP TLS client cert+key set

Last Modified: Jul 11, 2025

Affected Product(s):
F5OS F5OS-A, F5OS-C (all modules)

Known Affected Versions:
F5OS-A 1.8.0, F5OS-C 1.8.0, F5OS-C 1.8.1

Opened: Jul 08, 2025

Severity: 3-Major

Symptoms

Attempting to set the system's primary key ("system aaa primary-key set") aborts and fails. The system log shows:

authd[8]: priority="Err" version=1.0 msgid=0x7b01000000000075 msg="OpenSSL Keys and Certificates must start with -----BEGIN ...".

Impact

Unable to change primary key on device.

Conditions

-- LDAP TLS certificate and key are configured.
-- Device TLS certificate and key are not configured.

Workaround

1. Make sure you know the unencrypted value of the LDAP TLS cert and key.
2. Remove the LDAP TLS cert and key values.
3. Rotate the system primary key.
4. Re-configure the LDAP TLS cert and key values.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips