Bug ID 567774: ca-devices and non-ca-devices addition/deletion has been removed from restart cm trust-domain Root

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.4.1, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0, 12.0.0 HF1, 12.0.0 HF2

Fixed In:
12.1.0, 12.0.0 HF3, 11.6.1

Opened: Jan 14, 2016
Severity: 3-Major

Symptoms

The properties 'ca-devices' and 'non-ca-device' are available in the 'restart' command but are not valid.

Impact

You should not use the restart command with the properties 'ca-devices' and 'non-ca-device'. It has to be used similar to the delete command.

Conditions

None

Workaround

A new tmsh command to reset a device trust was added: 'restart cm trust-domain Root' which operates exactly like 'delete cm trust-domain Root'. The properties 'ca-devices' and 'non-ca-device' are available in the 'restart' command but are not valid. These properties are not available in the 'delete cm trust-domain'. Workaround for customer is to not use these two properties when running the 'restart cm trust-domain' command or to use the 'delete cm trust-domain'

Fix Information

The 'ca-devices' and 'non-ca-devices' properties were removed from the tmsh command 'restart cm trust-domain' command because they are not valid.

Behavior Change