Bug ID 618131: Latency for Thales key population to the secondary slot after reboot

Last Modified: Apr 19, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6

Opened: Sep 21, 2016
Severity: 3-Major


It may take a significant amount of time for the Thales key to populate from the primary slot to the secondary slot after a reboot. The latency can be a few minutes.


The key can't be found at secondary slot and the ssl traffic may fail.


This occurs for Thales netHSM installed on Chassis.


If SSL handshakes fail on secondary blades for newly created Thales keys, you may check secondary blades with nfkminfo -l to see if the file is there. If not the file can be synchronized with rfs-sync --U.

Fix Information


Behavior Change