Replacing Masterkey

Question

I am planning to replace the masterkey for one of our vcmp guests in DC to match with other DR for GTM sysnc&nbsp;
I know the process to replace the master key&nbsp;
I am worried about whether it will impact ldap servers, monitoring,paraphrase which uses master key for there encryption&nbsp;

f5-geek · Answer

Any Feedback is appreciated&nbsp;

f5-geek · Answer

Any Feedback is appreciated&nbsp;

leonardo_souza · Answer

When you change the master key, the system will take care of implications for that change.
Use tmsh to change the master key, and save the configuration after.&nbsp;
I don't remember to ever have to play with master keys because of GTM.
Are you sure you are not facing this bug?&nbsp;
https://support.f5.com/csp/article/K96156151&nbsp;

youssef1 · Answer

Hi,&nbsp;
In fact if you change master key, you will have an problem with encrypt configuration object passwords or passphrases (ldap, monitor with pwd, sso profile with sso, ...). you can change these password once the master key is migrated but before go ahead why you need to do that for GTM, what is your initial problem?&nbsp;
you can just bigip_add or gtm_add depending if it is a GTM or just LTM (not GTM):&nbsp;
https://support.f5.com/csp/article/K13312&nbsp;
Regards&nbsp;

Forum Discussion

Replacing Masterkey

4 Replies

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

Working with MasterKeys

ADFS Proxy Replacement on F5 BIG-IP

string first replacement procedure for ID999881

irule url host replacement

F5 GTM GSLB replacement