Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7
Fixed In:
12.1.4
Opened: Jul 03, 2017 Severity: 2-Critical
TMM cores if the SAML message signature verification certificate cannot be found in the configuration.
The issue can lead to momentary service interruption. Traffic disrupted while tmm restarts.
-- SAML is configured with an invalid certificate in the message signature validation setting. -- The control-plane is unable to detect such misconfiguration. Note: This is an unlikely occurrence if the usual control-plane is used to configure the SSO/SAML object. In this particular case, the certificate-key was passed in as the certificate which triggered a certificate-not-found error.
Make sure the certificate configured for use with the SAML message signature verification is correctly configured and the configuration loads successfully.
None