Last Modified: Jul 13, 2024
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4
Fixed In:
12.1.0, 11.6.1 HF2
Opened: Jan 14, 2016 Severity: 3-Major
BIG-IP intermittently has SSL traffic failures with HSM. This symptom happens on both chassis and appliance. The general error messages are logged with "FIPS acceleration device failure: fips_poll_completed_reqs: req: 44 status: 0x1 : Cancel"
SSL traffic is failing.
When Safenet HSM is used with BIG-IP.
"bigstart restart pkcs11d" might mitigate this issue.
Multiple issues are fixed including better sync-up between tmm and pkcs11d. Fixes are also included to deal with key handle changes at HSM.