Bug ID 1037257: SSL::verify_result showing wrong output for revoked cert during Dynamic CRL check

Last Modified: Jan 06, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,

Opened: Jul 29, 2021
Severity: 3-Major


In logs the result of Dynamic CRL validation using SSL::verify_result is appearing as 0, which is not correct.


Incorrect information that certification validation is successful for a revoked certificate is logged.


1. Use Dynamic CRL 2. Use a REVOKED certificate


Static CRL method of certificate validation can be used.

Fix Information


Behavior Change