Bug ID 1043357: SSL handshake may fail when using remote crypto client

Last Modified: Feb 07, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5

Fixed In:
17.0.0, 16.1.2.2, 15.1.5.1, 14.1.4.6

Opened: Aug 27, 2021

Severity: 3-Major

Symptoms

ServerSSL handshake fails when verifying ServerKeyExchange message.

Impact

The virtual server is unable to connect to the backend server.

Conditions

Remote crypto client is configured and the ServerSSL profile connects using an ephemeral RSA cipher suite.

Workaround

Use non-ephemeral RSA or ECDSA cipher suite on ServerSSL.

Fix Information

Fix remote crypto client.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips