Bug ID 2197321

Bug Tracker
ID 2197321

Bug ID 2197321: BIG-IP does not select FFDHE key share provided by the client on session resumption.

Last Modified: Jan 08, 2026

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
17.1.3

Opened: Dec 30, 2025

Severity: 3-Major

Symptoms

Connection terminates if the client does not allow secure renegotiation, otherwise renegotiation occurs.

Impact

Connection terminates if the client does not allow secure renegotiation, otherwise renegotiation occurs.

Conditions

ClientSSL that uses FFDHEgroups and has session tickets enabled. The client tries to resume an SSL session with an FFDHE key share that used FFDHE previously.

Workaround

None

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips