Bug ID 422241: Thales without OCS protected slot

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF9

Opened: May 30, 2013
Severity: 2-Critical


The pkcs11d daemon is unable to initialize the pkcs11 session with the hardware security modules (HSM), if only the module slot exists. The pkcs11d daemon expects an Operator Card Set (OCS)-protected slot to always exist.


pkcs11d daemon is unable to initialize the session with the HSM and keeps restarting due to failed initialization.


Configuring only module-protected slots and disabling OCS protected slot.


Enable an OCS protected slot.

Fix Information

The system now supports Thales without an Operator Card Set (OCS)-protected slot.

Behavior Change