Bug ID 1041225: Missing SHA-384 cipher suites in outgoing LDAP TLS ClientHello

Last Modified: Dec 07, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.4.1, 13.1.5, 13.1.5.1

Opened: Aug 17, 2021

Severity: 2-Critical

Symptoms

BIG-IP does not send SHA-384 ciphers in the advertised ciphers list in the Client Hello when initiating LDAP/TLS with a pool member (in the case of a monitor).

Impact

Servers requiring SHA-384 for LDAP/TLS authentication will not be able to authenticate.

Conditions

You have LDAP servers which support SHA-384 ciphers only for LDAP/TLS authentication.

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips