Fail to use encrypted private key in clientssl profile

Question

When I try to use encrypted private key when I create clientssl profile, it replies with the following error and fail to proceed 
&nbsp;  
&nbsp; 01070313:3: Error reading key PEM file /config/ssl/ssl.key/ssl_eapTestDES.key for profile pClientssl_eapTest: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch 
&nbsp;  
&nbsp; I had tried to use the same key/cert pairs in unencrypted form and it works without any problem. I had also tried to encrypt the key in DES, DES3, AES128, AES192 and AES256, all of them give the same error

hooleylist · Answer

Which LTM version are you running?  Have you configured the passphrase for the key in the client SSL profile?  I think the ability to use an SSL key with a passphrase was added in 9.2.  For details on configuring and verifying a server cert/key in a clientssl profile, you can check SOL10167:   
&nbsp;      
&nbsp;   SOL10167: Overview of the ClientSSL profile   
&nbsp;   https://support.f5.com/kb/en-us/solutions/public/10000/100/sol10167.html   
&nbsp;  
&nbsp; Aaron

Forum Discussion

Fail to use encrypted private key in clientssl profile

1 Reply

Recent Discussions

About custome Response Blocking Page

About IPI check ip list

Cookie Violation - Expired TimeStamp.

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

CGNAT with DS-lite and LSN

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Automate Let's Encrypt Certificates on BIG-IP

BIG-IP Orchestrate in private Data Center using Terraform Cloud Agent

Encrypting Cookies