Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP GTM, Install/Upgrade, LTM
Known Affected Versions:
10.2.4, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3
Fixed In:
12.1.0, 12.0.0, 11.6.0 HF4, 11.5.2, 11.4.1 HF10
Opened: Nov 12, 2014 Severity: 2-Critical Related Article:
K16030
When DNSSEC keys are stored in HSM and the system is upgraded, config load can fail because of duplicate keys in HSM.
Failed upgrade or config load.
DNSSEC keys in HSM. Upgrade or UCS load of configuration that contains the same keys.
None.
BIG-IP DNS/mcpd now checks for an existing key and does not import keys that already exist.