Bug ID 518608: Startup script to update CRL file errors out with 'file... expected to exist' exception.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Opened: Apr 17, 2015

Severity: 3-Major

Related Article: K57830372


Running the startup script command 'tmsh install sys crypto...' to update the CRL file errors out with 'file... expected to exist' exception.


The CRL file is retrieved, but due to the error it is not installed. This is because mcpd lacks read permission to the specified temp file. The system posts an error in /var/log/ltm similar to the following: err mcpd[6253]: 01070712:3: Caught configuration exception (0), file(/var/tmp/tmsh/7QjLFt/data) expected to exist. - sys/validation/FileObject.cpp, line 3151.


Follow the steps in the AskF5 SOL11948: Configuring the BIG-IP system to run commands or scripts upon system startup, (available here: https://support.f5.com/kb/en-us/solutions/public/11000/900/sol11948.html) to run startup_script_sol11948.sh at startup. Adapt this script to run the command: tmsh modify /sys file ssl-crl LatestCRL.crl source-path http://custom_url/NewLatestCRL.crl.


Update the CRL file from the local file using the following command: tmsh -m install sys crypto crl LatestCRL.crl from-local-file /root/LatestCRL.crl.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips