Certificate management, key security-type

Question

hi&nbsp;
Anyone knows what the Security-Type (by import of a key) "Password" is for?&nbsp;
Made some tests importing password-protected and not-protected keys and selecting normal/password results in no difference.&nbsp;
Thanks&nbsp;
Alex&nbsp;

el · Answer

Hi Alex, do you already know the answer? I also see no different so far from my testing.

nathe · Answer

Is it to distinguish a non-FIPS key from a FIPS key, if you have a FIPS card in the bigip?

saravanan_m_k · Answer

Generally on BIGIP there are four security-type for the SSL key (depending on what modules you have).  The security-type  specifies the type of security used to handle or store the key.&nbsp;
normal: The key resides in a standard form on the file-system. This is the default value.&nbsp;
fips: The key is protected by a FIPS device on the system and is only applicable to devices with FIPS support&nbsp;
password: Specifies that the key is protected by a passphrase and stored in encrypted form.&nbsp;
nethsm: The key is protected by a FIPS device outside the system.&nbsp;

Forum Discussion

Certificate management, key security-type

3 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Related Content

Automating Certificate Management on F5 BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

Re: Management Certificate

Certificate Automation for BIG-IP using CyberArk Certificate Manager, Self-Hosted

Automating certificate lifecycle management with HashiCorp Vault

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS