Bug ID 425594: Incorrect Alert instead of using generic alert (handshake failure with fatal)

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.3.0, 11.4.0

Fixed In:
11.5.0

Opened: Jul 18, 2013
Severity: 3-Major
Related AskF5 Article:
K16931

Symptoms

In the current implementation, the BIG-IP system always sends handshake failure with fatal level for all Alert messages.

Impact

Always send handshake failure with fatal level in Alert messages regardless of the reason.

Conditions

Sending Alert messages.

Workaround

None.

Fix Information

Added an option (generic-alert) to client-ssl/sever-ssl profile, when generic-alert is set to TRUE, the BIG-IP system keeps the current implementation and sends all fatal-level Alert message with 'handshake failure.' Otherwise, the system sends the correct Alert message. The default is set to TRUE.

Behavior Change