Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Fixed In:
13.1.0
Opened: Sep 09, 2016 Severity: 4-Minor Related Article:
K45692373
When using gen-csr option in tmsh to create a netHSM key, the operation fails.
Cannot create csr and key at the same tmsh command for netHSM.
gen-csr is used in the tmsh command when creating netHSM keys.
Do not use gen-csr option when creating netHSM key; instead, use the fipskey.nethsm utility.
Implemented the underlying infrastructure to fully support PKCS #11 protocol. With this change, specifying gen-csr in tmsh works as expected for all netHSM, e.g., Safenet and Thales.