Bug ID 639606: If mcpd fails to load DNSSEC keys then signing does not happen and no error logged

Last Modified: Dec 15, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,, 15.0.0, 15.0.1,,,,

Fixed In:

Opened: Jan 16, 2017
Severity: 3-Major


MCPD successfully loads configuration when it's not able to decrypt DNSSEC Key generation.


The configuration successfully loads but BIG-IP is not able to sign Resource Records.


MCPD loads configuration with DNSSEC Key generation encrypted by master key which has been changed.



Fix Information

MCPD throw error if not able to decrypt private text of DNSSEC Key generation with current master key.

Behavior Change