Bug ID 1389033: In an iRule SSL::sessionid returns an empty value

Last Modified: Jun 14, 2024

Affected Product(s):
BIG-IP Install/Upgrade, LTM(all modules)

Known Affected Versions:
15.1.9,, 15.1.10,,,,, 16.1.3,,,,,, 16.1.4,,,, 17.0.0,,, 17.1.0,,,, 17.1.1,,,

Opened: Oct 26, 2023

Severity: 3-Major

Related Article: K000137430


The irule SSL::sessionid command used returns an empty value after an upgrade to v15.1.9.1, when used with a TLS1.3 session. While SSL::sessionid in v15.1.8.2 returns the value specified in the ClientHello for a TLSv1.3 session, upgrading to v15.1.9.1 results in empty values returned when calling SSL::sessionid.


SSL::sessionid returns an empty value, which could result in unintended behavior for applications that use that iRule command.


1. Use SSL::sessionid in an iRule 2. Use an affected BIG-IP version 3. Client establishes a TLS1.3 connection



Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips