Bug ID 1505649

Bug Tracker
ID 1505649

Bug ID 1505649: SSL Handshake fall back to full handshake during session resumption, if SNI string is more than 32 characters in length

Last Modified: Mar 25, 2025

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.5.0

Fixed In:
17.1.2

Opened: Feb 08, 2024

Severity: 3-Major

Symptoms

When the SNI string is longer than 32 characters, the SSL handshake switches to the full handshake when session resumption is attempted.

Impact

SSL resumption would fail if the SNI string is more than 32 characters in length.

Conditions

- SSL resumption should be enabled in the client's SSL profile of their BIG-IP. - SNI string should be more than 32 characters in length of the SSL client Hello packet received from the user.

Workaround

using strings lesser than 32 characters for SNI

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips