Bug ID 451627: If key associated with monitor is stored in external hsm, monitor fails.

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Fixed In:
13.0.0

Opened: Mar 07, 2014

Severity: 3-Major

Symptoms

Monitor does not work with netHSM keys.

Impact

Monitor does not work.

Conditions

Configure netHSM keys and monitor.

Workaround

None

Fix Information

Make monitor works with netHSM keys. 1. Implement fips_find_key() for netHSM key. find_key() searches the netHSM keys by name label. 2. pkcs11d also handles last four queues, mcpd, tmsh, openssl and others (bigd etc) 3. Since bigd is 32-bit process, pkcs11d is 64-bit process, use union to fix the shared memory queue.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips