OPERATIONAL DEFECT DATABASE
...
...
Running the startup script command 'tmsh install sys crypto...' to update the CRL file errors out with 'file... expected to exist' exception.
The CRL file is retrieved, but due to the error it is not installed. This is because mcpd lacks read permission to the specified temp file. The system posts an error in /var/log/ltm similar to the following: err mcpd[6253]: 01070712:3: Caught configuration exception (0), file(/var/tmp/tmsh/7QjLFt/data) expected to exist. - sys/validation/FileObject.cpp, line 3151.
Follow the steps in the AskF5 SOL11948: Configuring the BIG-IP system to run commands or scripts upon system startup, (available here: https://support.f5.com/kb/en-us/solutions/public/11000/900/sol11948.html) to run startup_script_sol11948.sh at startup. Adapt this script to run the command: tmsh modify /sys file ssl-crl LatestCRL.crl source-path http://custom_url/NewLatestCRL.crl.
Update the CRL file from the local file using the following command: tmsh -m install sys crypto crl LatestCRL.crl from-local-file /root/LatestCRL.crl.
None
Click on a version to see all relevant bugs
F5 Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.
