Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5
Fixed In:
13.0.0, 12.1.5.1
Opened: Sep 07, 2016 Severity: 3-Major
When you run qkview -c, you are prompted for a password: Enter pass phrase for ./Common_d/certificate_key_d/:Common:f5_api_com.key_64768_1:
qkview -c cannot be run because /bin/printcertmods requires a valid passphrase to finish.
An OpenSSL key exists that is encrypted with a passphrase.
Unless you can enter passphrases from the command line, assuming there are a small number of such keys and the passphrase is available, there is no workaround.
The fix simply avoids the issue and skips computing the modulus for any encrypted key.