Bug ID 442455: Hardware Security Module (HSM) CSR and certificate fields constraints: 15 characters and no spaces.

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2

Fixed In:
11.6.0, 11.5.4 HF3

Opened: Jan 08, 2014
Severity: 3-Major
Related AskF5 Article:
K50522710

Symptoms

While using the tmsh command or fipskey.nethsm utility to create HSM keys/csr/cert, Locality, Province, Organization names cannot be longer than 15 characters. While using the tmsh command to create HSM keys/csr/cert, Locality, Province, Organization names, common name cannot process multiple words. The system accepts only the content up to the first space character.

Impact

The system truncates field content to 15 characters or to the string up to the first space character.

Conditions

HSM keys/csr/cert, Locality, Province, Organization names, common name are longer than 15 characters or consists of strings separated by space characters.

Workaround

Use strings shorter than or equal to 15 characters. Use strings without spaces. To use strings containing spaces, quote the entire string and delimit spaces with a backslash character (\). For example, for the string F5 Networks Inc, use this: "F5\ Networks\ Inc". Note that the delimiting slash still counts as a character.

Fix Information

You can now create HSM CSR and certificate fields containing space characters and use strings longer than 15 characters for keys/csr/cert, Locality, Province, Organization names, common name fields.

Behavior Change