Bug ID 484429: After updating a key/certificate in place and synchronizing the configuration, TMM may log critical-level messages that it could not load a key, certificate, or chain.

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4, 11.5.1 HF6

Opened: Oct 14, 2014
Severity: 3-Major
Related AskF5 Article:
K15960

Symptoms

After updating a key/certificate in place and synchronizing the configuration, TMM may log critical-level messages about loading a key, certificate, or chain.

Impact

In 11.5.0 and later, this message indicates an issue that impacts traffic to affected virtual servers: 01260000:2: Profile /Common/otters: could not load key/certificate. In versions earlier than 11.5.0, these messages can safely be ignored: -- 01260000:2: Profile /Common/otters-ssl: could not load key file. -- 01260000:2: Profile /Common/otters-ssl: could load neither certificate nor chain file

Conditions

A certificate and/or key referenced by an SSL profile are deleted and then recreated, and then that is synchronized (via a full sync, not an incremental sync) to peer devices.

Workaround

None

Fix Information

TMM still log critical-level messages, but the system function properly and traffic is not affected.

Behavior Change