Manual Chapter :
Key storage locations
Applies To:
Show VersionsBIG-IP LTM
- 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
BIG-IP DNS
- 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Key storage locations
The master key is encrypted and then stored in the master file in the
directory
/config/bigip/kstore
. The following table shows unit and master key storage
locations depending on the platform type.Platform type | Unit key | Master key |
---|---|---|
Bare-metal system | Stored in electrically erasable programmable
read-only memory (EEPROM). EEPROM is hardware for storing non-volatile
data and is resistant to hackers. | Stored in the master file in the directory
/config/bigip/kstore . |
vCMP host | Stored on the vCMP host in EEPROM. The purpose
of the host's unit key is to encrypt and decrypt the host's master
key. | Stored on the vCMP host in the master file in
the directory /config/bigip/kstore . |
vCMP guest | Stored within the mcpdb of the vCMP
host. | Stored on the vCMP guest in the master file in
the directory /config/bigip/kstore . |
BIG-IP Virtual Edition (VE) system or any
system without EEPROM | Stored in the hidden file named .unitkey in the
directory /config/bigip/kstore . | Stored in the master file in the directory
/config/bigip/kstore . |