Bug ID 639606: If mcpd fails to load DNSSEC keys then signing does not happen and no error logged

Last Modified: Feb 27, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2

Opened: Jan 16, 2017
Severity: 3-Major

Symptoms

MCPD successfully loads configuration when it's not able to decrypt DNSSEC Key generation.

Impact

The configuration successfully loads but BIG-IP is not able to sign Resource Records.

Conditions

MCPD loads configuration with DNSSEC Key generation encrypted by master key which has been changed.

Workaround

None

Fix Information

None

Behavior Change