Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP EM, LTM
Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1
Fixed In:
11.5.0, 11.4.1 HF9, 11.3.0 HF9, 11.2.1 HF11
Opened: May 15, 2013 Severity: 2-Critical Related Article:
K14840
If, from the command line, you run the commands 'tmsh show sys crypto fips' and 'tmsh show sys crypto key', you see a FIPS key handle mismatch in the output of these commands.
Traffic might be disrupted.
This can occur when you use FIPS keys on two 6900 or 8900 platforms configured as an HA pair and also manage the devices by EM.
Remove the device from EM management.
Using Enterprise Manager to manage HA pairs with FIPS no longer causes key handle mismatches.