Bug ID 703298: Licensing and phonehome_upload are not using the sync'd key/certificate

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,

Fixed In:

Opened: Jan 23, 2018
Severity: 3-Major


After config-sync, the secondary unit's key passphrase does not decrypt the cached key file.


phonehome_upload will fail on the secondary unit because the passphrase doesn't match the key file.


The original file for f5_api_com.key is used instead of the cached file.


After sync, copy the file /config/filestore/files_d/Common_d/certificate_key_d/:Common:f5_api_com.key_xxxx over to /config/ssl/ssl.key/f5_api_com.key using the following commands: # cd /config/filestore/files_d/Common_d/certificate_key_d # cp -a :Common:f5_api_com.key_xxxx /config/ssl/ssl.key/f5_api_com.key :Common:f5_api_com.key_xxxx Once the /config/ssl/ssl.key file is in sync, then loading the config with either cached or un-cached file will work fine.

Fix Information

The system now removes the source-path files and only keeps the cache-path files. phonehome_upload now will work on the standby unit after a config-sync. Without the source-path files which do not get sync'd, there is no danger of re-loading them.

Behavior Change