Bug ID 631046: Unable to generate a FIPS key using the GUI

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6

Opened: Nov 30, 2016

Severity: 3-Major


While generating a FIPS key from the BIG-IP GUI, you get the following error: Key management library returned bad status: -4, FIPS security is not licensed, FIPS key security type is not allowed. Generating a FIPS key from tmsh works properly.


Unable to generate a FIPS key using the GUI.


This occurs on FIPS-licensed 12.1.1 HF1 and HF2, when using the GUI to generate the FIPS key.


Use the following tmsh command to generate a FIPS key: tmsh create sys crypto key <key_object_name> security-type fips.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips