Last Modified: Dec 07, 2023
Affected Product(s):
BIG-IP TMOS
Fixed In:
17.0.0, 16.1.3, 15.1.6.1, 14.1.5
Opened: Feb 07, 2022 Severity: 2-Critical
TMUI (the GUI) needs to be upgraded with OpenJDK 1.8 to support TLS 1.2 AES GCM ciphers for OAuth Provider Discovery
Deployments which use Microsoft Azure AD as OAuth IDP, will start facing issues with OAuth Provider discovery after 31st Jan 2022. Microsoft is deprecating TLS1.0/1.1 and supporting TLS1.2 AES GCM ciphers only.
BIG-IP systems using the GUI
None
Upgrade tomcat with OpenJDK 1.7 32bit to OpenJDK 1.8 32bit Note: This results in an increase in the size of /usr. Although not an issue on its own, cumulative increases in /var, /usr, and /root might result in installation failures on iSeries devices when multiple slots contain software versions 16.1.x or later. Depending on the combination of versions, you might not be able to install/upgrade three TMOS software volumes on your iSeries device (see K41812306: The appdata volume on BIG-IP iSeries platforms is now larger :: https://support.f5.com/csp/article/K41812306 ).
Upgrade tomcat with OpenJDK 1.7 32bit to OpenJDK 1.8 32bit Note: This results in an increase in the size of /usr. Although not an issue on its own, cumulative increases in /var, /usr, and /root might result in installation failures on iSeries devices when multiple slots contain software versions 16.1.x or later. Depending on the combination of versions, you might not be able to install/upgrade three TMOS software volumes on your iSeries device (see K41812306: The appdata volume on BIG-IP iSeries platforms is now larger :: https://support.f5.com/csp/article/K41812306 ).