Bug ID 433664: Performance degrades when using client certificates signed by 4k CA key/certs

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
10.0.0, 10.1.0, 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 11.0.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.5.1 HF1, 11.6.1 HF1, 11.5.1 HF2, 11.6.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.6.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.1.0, 11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.6.0

Opened: Oct 11, 2013

Severity: 3-Major

Symptoms

The SSL/TLS performance could be degraded when certificates signed by 4 KB CA keys/certs.

Impact

Using client certificate authentication and using 4k CA key/cert would have performance degrades.

Conditions

SSL/TLS profile, client certificate authentication enabled and the client certificates or the intermediate CA certificates are signed by 4k CA keys/certs.

Workaround

None.

Fix Information

Performance has been improved when using client certificates signed by 4 KB CA key/certs.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips