Forum Discussion
uchi_122495
Cirrus
CirrusFailed to create LocalLBProfileClientSSL on v11.5.1 via iControl
I am trying to create clientSSL profile on v11.5.1HF7 via iControl Java. I can create it on /Common partition ,but unable to do on the other partition. Please Help.
This code works fine.
String[] profile_names = { "profile_ssl_test" };
/** RSA keypair (/Common/test.key and /Common/test.crt) was created already. */
LocalLBProfileString[] key_names = { new LocalLBProfileString("test.key",false) };
LocalLBProfileString[] crt_names = { new LocalLBProfileString("test.crt",false) };
interfaces.getManagementPartition().set_active_partition("/Common");
interfaces.getLocalLBProfileClientSSL().create_v2(profile_names, key_names, crt_names);But this one failed with Internal Server Error.
String[] profile_names = { "profile_ssl_test" };
/** RSA keypair (/Test/test.key and /Test/test.crt) was created already. */
LocalLBProfileString[] key_names = { new LocalLBProfileString("/Test/test.key",false) };
LocalLBProfileString[] crt_names = { new LocalLBProfileString("/Test/test.crt",false) };
interfaces.getManagementPartition().set_active_partition("/Test");
interfaces.getLocalLBProfileClientSSL().create_v2(profile_names, key_names, crt_names);Also, I'm getting following errors
/var/log/httpd/httpd_errors
err httpd[11519]: [error] [client 192.168.29.53] FastCGI: incomplete headers (0 bytes) received from server "/usr/local/www/iControl/iControlPortal.cgi"
warning fcgi-[11492]: [warn] FastCGI: server "/usr/local/www/iControl/iControlPortal.cgi" (pid 18604) terminated due to uncaught signal '11' (Segmentation fault)
warning fcgi-[11492]: [warn] FastCGI: server "/usr/local/www/iControl/iControlPortal.cgi" restarted (pid 19866)
/var/log/kern.log
info kernel: iControlPortal.[18604]: segfault at 4 ip 000000005bb8e893 sp 00000000ff8f8bf8 error 4 in ManagementServer.so[5b971000+446000]In addition, both codes work fine on v11.4.1
This bug ( ID465142 ) is fixed on v11.5.4
ID 465142
LocalLB::ProfileClientSSL::create and create_v2 methods now work correctly when used in partitions other than /Common.
Michael_JenkinsCirrostratus
I haven't messed with partitions, but just to try, if you change you key and cert names to not include the "/Test/", does it work?
- uchi_122495
Michael, thank you for your reply.
I tried changing crt and key name. But it also failed with same errors.
String[] profile_names = { "profile_ssl_test" }; /** RSA keypair (/Test/test.key and /Test/test.crt) was created already. */ LocalLBProfileString[] key_names = { new LocalLBProfileString("test.key",false) }; LocalLBProfileString[] crt_names = { new LocalLBProfileString("test.crt",false) }; interfaces.getManagementPartition().set_active_partition("/Test"); interfaces.getLocalLBProfileClientSSL().create_v2(profile_names, key_names, crt_names); 
mailmailmail_17Nimbostratus
Hi, I can confirm the exact same behavior using python bigsuds. When I set partition value to "Common" everything works fine * importing crt * importing key * creating ssl profile But when I change partition to some other existing one, it returns code 500 and logs following
Feb 27 14:55:10 f5 err httpd[9139]: [error] [client ] FastCGI: incomplete headers (0 bytes) received from server "/usr/local/www/iControl/iControlPortal.cgi" Feb 27 14:55:10 f5 warning fcgi-[13013]: [warn] FastCGI: server "/usr/local/www/iControl/iControlPortal.cgi" (pid 16341) terminated due to uncaught signal '11' (Segmentation fault) Feb 27 14:55:10 f5 warning fcgi-[13013]: [warn] FastCGI: server "/usr/local/www/iControl/iControlPortal.cgi" restarted (pid 16358)- uchi_122495Thank you for your confirmation. I'm contacting our technical support to investigate this issue.
- uchi_122495The support team answered it is known issue on v11.5.x. It has already fixed on v11.6.
- mailmailmail_17
Thanks for checking, I confirm that it's working fine in 11.6. It would be nice to have it backported via hotfix to 11.5 too.
- uchi_122495
This bug ( ID465142 ) is fixed on v11.5.4
ID 465142
LocalLB::ProfileClientSSL::create and create_v2 methods now work correctly when used in partitions other than /Common.