Bug ID 2220009: OCSP monitoring of traffic certificates using a proxy server sends malformed HTTP host header

Last Modified: Feb 10, 2026

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4, 17.1.2, 17.1.2.1, 17.1.2.2, 17.1.3, 17.1.3.1, 17.5.0, 17.5.1, 17.5.1.2, 17.5.1.3, 17.5.1.4, 21.0.0, 21.0.0.1

Opened: Feb 05, 2026

Severity: 3-Major

Symptoms

The HTTP/1.1 request is malformed as the HOST header contains the host plus the path after it

Impact

The HTTP/1.1 OCSP request is malformed as the HOST header contains the host plus the path after it

Conditions

OCSP responder configured that 1. Enables "Use Proxy Server" 2. The responder URL has a path after the host

Workaround

None

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips