Bug ID 421349: FIPS key mismatch

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF9, 11.2.1 HF8

Opened: May 17, 2013

Severity: 2-Critical

Related Article: K14840

Symptoms

If, from the command line you run the commands 'tmsh show sys crypto fips' and 'tmsh show sys crypto key', you see a FIPS key handle mismatch in the output of these commands.

Impact

Traffic might be disrupted.

Conditions

This can occur when you use FIPS keys on two 6900 or 8900 platforms configured as an HA pair and also manage the devices by EM.

Workaround

Remove the device from EM management.

Fix Information

Using Enterprise Manager to manage HA pairs with FIPS no longer causes key handle mismatches.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips