Bug ID 1369673: OCSP unable to staple certificate chain

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
16.1.0, 16.1.1, 16.1.2,,, 16.1.3,,,,,, 16.1.4,,,, 17.0.0,,, 17.1.0,,,, 17.1.1,,,

Opened: Oct 05, 2023

Severity: 3-Major


When a server returns a certificate chain that involves an archived Let's Encrypt certificate, the OCSP is unable to staple the full chain.


The OCSP is unable to staple the certificate chain. If the stapling is required by the client, the connection will be broken.


An OCSP is configured on the serverside profile, and the client tries to connect to a server that returns certificate chain using an archived Let's Encrypt certificate.



Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips