Bug ID 672221: TMM cores if the certificate configured to validate message signature does not exist.

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,,,

Fixed In:

Opened: Jul 03, 2017
Severity: 2-Critical


TMM cores if the SAML message signature verification certificate cannot be found in the configuration.


The issue can lead to momentary service interruption. Traffic disrupted while tmm restarts.


-- SAML is configured with an invalid certificate in the message signature validation setting. -- The control-plane is unable to detect such misconfiguration. Note: This is an unlikely occurrence if the usual control-plane is used to configure the SSO/SAML object. In this particular case, the certificate-key was passed in as the certificate which triggered a certificate-not-found error.


Make sure the certificate configured for use with the SAML message signature verification is correctly configured and the configuration loads successfully.

Fix Information


Behavior Change