Manual Chapter : Key storage locations

Applies To:

Show Versions Show Versions

BIG-IP LTM

  • 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP DNS

  • 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Manual Chapter

Key storage locations

The master key is encrypted and then stored in the master file in the directory
/config/bigip/kstore
. The following table shows unit and master key storage locations depending on the platform type.
Platform type
Unit key
Master key
Bare-metal system
Stored in electrically erasable programmable read-only memory (EEPROM). EEPROM is hardware for storing non-volatile data and is resistant to hackers.
Stored in the master file in the directory
/config/bigip/kstore
.
vCMP host
Stored on the vCMP host in EEPROM. The purpose of the host's unit key is to encrypt and decrypt the host's master key.
Stored on the vCMP host in the master file in the directory
/config/bigip/kstore
.
vCMP guest
Stored within the mcpdb of the vCMP host.
Stored on the vCMP guest in the master file in the directory
/config/bigip/kstore
.
BIG-IP Virtual Edition (VE) system or any system without EEPROM
Stored in the hidden file named
.unitkey
in the directory
/config/bigip/kstore
.
Stored in the master file in the directory
/config/bigip/kstore
.