Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

FIPS Mode LoadMaster unable to import Templates

After upgrading to the LoadMaster v7.1.35 release, errors are displayed when importing templates on FIPS-based LoadMasters only.

When the LoadMaster is in FIPS mode, templates cannot be imported due to a cipher error "Syntax error detected in template file: Cipher set not valid" as shown in the screenshot above.

This can be resolved with the creation of a basic Best Practices XXX cipher set and is easily done via the RESTful API.

Note: The API interface is required to be enabled as shown in the screenshot above (Certificates & Security > Remote Access > Enable API Interface).

With the RESTful API enabled, the following command will create a Best Practices Cipher Set. This can be pasted into a browser window address bar with the LoadMaster IP address appropriately updated:

https://<LoadMasterIPAddress>/access/modifycipherset?name=XXXXX&value=ECDHE-RSA-AES256-SHA384

The XXX is the name give to the new group of ciphers.

This will create a Best Practices cipher set which will allow the successful import of templates.

Note: This is a basic Best Practices cipher set to enable the template functionality and should be appropriately updated before assigning to a Virtual Service and using in a production environment.


Was this article helpful?
0 out of 0 found this helpful

Comments