Bug ID 889601: OCSP revocation not properly checked

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1

Fixed In:
16.1.0, 16.0.1.2, 15.1.3, 14.1.4, 13.1.4

Opened: Mar 12, 2020

Severity: 3-Major

Related Article: K14903688

Symptoms

The revocation status of un-trusted intermediate CA certs are not checked when ocsp object is configured.

Impact

The SSL handshake continues eve if a certificate is revoked.

Conditions

When OCSP object revocation checking is configured in client and server SSL profiles

Workaround

None

Fix Information

OCSP revocation checking now working properly.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips