Bug ID 447958: Slow client side SSL connection can be prematurely reset.

Last Modified: Mar 12, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.2.0, 11.2.1, 11.3.0, 11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 12.0.0

Fixed In:
12.1.0, 12.0.0 HF1

Opened: Feb 07, 2014
Severity: 3-Major
Related AskF5 Article:
K20503885

Symptoms

A slow clientside SSL connection may result in a timeout due to the default SSL timeout of 10 seconds. tm.rstcause may indicate 'SSL alert timeout exceeded'.

Impact

Data transfer might be interrupted.

Conditions

Clientside is clientssl, and the connection is such that it may require longer than 10 seconds to establish the connection.

Workaround

Increase the alert timeout value in the configuration.

Fix Information

A slow clientside SSL connection no longer results in a timeout, because the default SSL timeout is now indefinite.

Behavior Change