Last Modified: Apr 10, 2019
See more info
Known Affected Versions:
14.1.0, 22.214.171.124, 126.96.36.199
Opened: Jan 03, 2019
As a result of this issue, you may encounter one or more of the following symptoms: -- A virtual server is created but no client SSL profile is applied. -- In the /var/log/ltm file, the system logs messages similar to the following example: err mcpd: 01b4002b:3: Client SSL profile (/Common/Example.app/Example_client-ssl): the profile has no RSA cert/key pair that can be modified. To add RSA cert/key, please use [cert-key-chain add]
The system fails to create and apply the client SSL profile to the virtual server.
This issue occurs when the following conditions are met: -- Attempting to reconfigure an iApp. -- The iApp contains a client SSL profile.
To work around this issue, you can temporarily disable SSL in the iApp, and then enable it again. Impact of workaround: Reconfiguring your iApp reconfigures all BIG-IP objects associated with the iApp. This might cause service disruptions to the application the iApp has been deployed for. 1. Navigate to the impacted iApp in GUI: iApps :: Application Services : Applications :: Example. 2. Find the setting associated with the client SSL profile, often titled "How should the BIG-IP system handle SSL traffic?" 3. Change the associated setting to one that does not imply the use of SSL, for example: "Plain text to and from both clients and servers." 4. Press the Reconfigure button. 5. Return to the same question and change the field back to its original setting. 6. Press the Reconfigure button once more.
Reconfiguring an iApp that uses a client SSL profile now succeeds as expected.