BugZero | F5 BugID 1070393 - The f5_api_com.crt certificate file may be removed...

F5 - Defect ID: 1070393

The f5_api_com.crt certificate file may be removed by the load sys config command

F5 - Defect ID: 1070393

The f5_api_com.crt certificate file may be removed by the load sys config command

Last updated on November 15th, 2025

BugZero Risk Score
6.7 Medium

Overall: 6.7

Severity: 7.3

Community: 4.2

Lifecycle: 6.4

What is the BugZero Risk Score?

F5 Integration

Learn more about where this data comes from

F5 Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Priority: 3-Major
Status: New
Impact Category: TMOS
Views: 321

Description

Symptoms

The BIG-IP downloads an f5_api_com.crt certificate file when a production BIG-IP license is installed, but a subsequent "load sys config" reverts to the pre-certificate config, and deletes (tidies up) the file.

Impact

F5_api_com.crt certificate file is not present on the BIG-IP system.

Conditions

-- Activate a BIG-IP license in either the GUI or tmsh (this causes the f5 API certificate to be downloaded and installed into the config) -- Run 'tmsh load sys config' -- Observe that the f5_api_com.crt object is no longer present in the BIG-IP config.

Workaround

- Ensure that "tmsh save sys config" is run after installing a new BIG-IP license. - If the certificate has been removed from the BIG-IP configuration, but is still present in the filesystem, you can import it with the expected name (f5_api_com.crt): "tmsh create sys file ssl-cert f5_api_com.crt source-path file:///config/ssl/ssl.crt/f5_api_com.crt" - If the certificate has been lost, you can re-activate the license, to cause a new API certificate to be pulled down from the F5 license server.

Fix Information

None

Change history

2025-11-15 Added: 15.1.10.7, 15.1.10.8, 16.1.6.1, 17.1.3

2025-10-19 Added: 15.1.10.7, 15.1.10.8, 16.1.6.1, 17.1.3

2025-10-15 Added: 17.1.3

2025-06-28 Added: 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6, 17.0.0, 17.0.0.1, 17.0.0.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2

Relevant Products

Click on a version to see all relevant bugs

Affected versions:15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 15.1.10.7, 15.1.10.8, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6, 16.1.6.1, 17.0.0, 17.0.0.1, 17.0.0.2, 17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3

Fixed versions: No known fixed versions

Relevant Products

Click on a version to see all relevant bugs

Fixed versions: No known fixed versions

Top F5 Defects

9.6Defect ID: 546260
TMM can crash if using the v6rd profile
9.6Defect ID: 740969
Menu visibility issue with newly activated license.
9.6Defect ID: 2141205
Tpm-status returns: "System Integrity: Invalid" for some Engineering Hotfixes
9.4Defect ID: 1116845
Interfaces using the xnet driver are not assigned a MAC address
9.4Defect ID: 2137653
Unable to upload files that contain a colon in the filename

Ready to prevent the next vendor outage?

Get a demo

F5 - Defect ID: 1070393

The f5_api_com.crt certificate file may be removed by the load sys config command

F5 - Defect ID: 1070393

The f5_api_com.crt certificate file may be removed by the load sys config command

Last updated on November 15th, 2025

BugZero Risk Score6.7 Medium

Bug Details

Symptoms

Impact

Conditions

Workaround

Fix Information

Top F5 Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
6.7 Medium