Bug ID 634023: Use tmsh to create key and certificate based on Thales netHSM

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1

Fixed In:
13.1.0

Opened: Dec 16, 2016
Severity: 3-Major

Symptoms

There are no tmsh commands for key/cert management for Thales.

Impact

Must use fipskey.nethsm (a standalone wrapper program for the Thales-provided utility) to create Thales netHSM keys and certificates.

Conditions

When Thales is used as netHSM to work with the BIG-IP system.

Workaround

Use fipskey.nethsm to create netHSM keys and certificates.

Fix Information

The system now supports native PKCS#11 API based key management for netHSM vendors. With this fix, all netHSM users including Thales users are able to use tmsh command to manage keys and certificates.

Behavior Change