Bug ID 632060: restjavad is unable to read the dtca.key files resulting in Error: Failed to read key: invalid header

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP Install/Upgrade, TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 13.0.0

Fixed In:
13.1.0, 13.0.0 HF1, 12.1.3

Opened: Dec 06, 2016
Severity: 3-Major

Symptoms

when upgrading to 12.1.1, 12.1.2 or 13.0 releases, executing a command similar to curl -k -u admin:admin https://127.0.0.1:443/mgmt/shared/device-discovery-tasks causes the following error: "errorMessage": "Could not connect to host 10.0.0.160. Please ensure there are no licensing, firewall, port lockdown or network connectivity issues. Error: Failed to read key /config/filestore/files_d/Common_d/trust_certificate_key_d/:Common:dtca.key_12100_2: invalid header",

Impact

if your device has an iApps LX application, then that application sill not synchronize to the standby device. So if a failover occurs, then the iApps LX application will seem to disappear, and traffic will not pass through the application.

Conditions

Upgrading from releases prior to 12.1.1 to 12.1.1 or 12.1.2 or 13.0

Workaround

If you have upgraded and are in this condition, and you need to use iAppsLX, you can perform the following procedure to recover. Impact of procedure: this procedure disables HA and requires you to rebuild your HA environment. You only need to use this procedure if you absolutely need to run an iAppLX. 1. Reset device trust, then re-establish device trust, your device group(s), and your traffic group(s) 2. At the BIG-IP command line for each of the devices, run the following command: clear-rest-storage

Fix Information

Upgrade to 13.1 or 13.0.x hot fix

Behavior Change