Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP Install/Upgrade
Known Affected Versions:
11.2.1, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1
Fixed In:
12.0.0, 11.6.1 HF1, 11.5.4
Opened: Dec 09, 2014 Severity: 3-Major Related Article:
K17338
Configuration fails with Syntax Error after upgrading to 11.5.0 from pre-11.5.0 releases.
Configuration load fails, and the system posts the alert: Syntax Error:(/config/bigip.conf at line: 12) one or more configuration identifiers must be provided.
When upgrading from a pre-11.5.0 release to version 11.5.0, the key/cert have an extra period in the name (for example mykey..key and mycert..crt). Beginning with version 11.5.0, multiple key/cert pairs are associated with one clientssl, so each key/cert pair has a name. During upgrade, the system provides a name for each key/cert, which can cause problems if the existing key/cert name contains a period character.
Manually edit the bigip.conf to add a title for the cert-key-chain, and then run the command: tmsh load sys config.
Before v11.5.0, Clientssl profile only supports one key/cert pair, no name associated with the key/cert pair. In v11.5.0, multiple key/cert pairs are associated with one clientssl, so each key/cert pair has a name.