Last Modified: Apr 24, 2024
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 16.0.0, 16.0.0.1, 16.0.1, 16.0.1.1, 16.0.1.2, 16.1.0, 16.1.1, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3
Fixed In:
17.0.0
Opened: Jul 27, 2021 Severity: 3-Major
Under some conditions, the BIG-IP's TLS 1.3 Client Hello sometimes does not have the pre-shared key extension as the last extension in the Client Hello. This is contrary to a requirement in the TLS 1.3 RFC, and causes servers to fail the connection. A backend server may log a message such as: SSL_do_handshake() failed (SSL: error:141B306E:SSL routines:tls_collect_extensions:bad extension)
The TLS handshake fails.
-- Server SSL profile (BIG-IP operating as client) with TLS 1.3 enabled. -- A Client Hello message size that falls between 256 and 512 bytes (without padding), which causes the BIG-IP to introduce a padding extension at the end of the Client Hello. This issue can be seen via use of the "single-dh-use" or "session-tickets" options in the SSL profile.
Adjust the configuration of the Server SSL profile by either: -- Disable Session Tickets or -- Disable the single-dh-use option
None