Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Fail to use encrypted private key in clientssl profile

When I try to use encrypted private key when I create clientssl profile, it replies with the following error and fail to proceed

01070313:3: Error reading key PEM file /config/ssl/ssl.key/ssl_eapTestDES.key for profile pClientssl_eapTest: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

I had tried to use the same key/cert pairs in unencrypted form and it works without any problem. I had also tried to encrypt the key in DES, DES3, AES128, AES192 and AES256, all of them give the same error
0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER
Which LTM version are you running? Have you configured the passphrase for the key in the client SSL profile? I think the ability to use an SSL key with a passphrase was added in 9.2. For details on configuring and verifying a server cert/key in a clientssl profile, you can check SOL10167:

SOL10167: Overview of the ClientSSL profile
https://support.f5.com/kb/en-us/solutions/public/10000/100/sol10167.html

Aaron
0