Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10
Fixed In:
11.4.1 HF4
Opened: Mar 12, 2014 Severity: 3-Major Related Article:
K17178
Machine Certificate Checker service always fails to get a certificate and key if any rule is used except "Match Subject CN to FQDN."
Limited user fails to pass the AP.
Machine Certificate Checker service installed Current user on client Windows machine is limited Machine Certificate Checker Agent configured to any other rule than "Match Subject CN to FQDN."
Use power user and allow UAC elevation at Agent. Use "Match Subject CN to FQDN" rule.
Previously Machine Certificate Checker worked only in "Subject CN match FQDN" mode, now it correctly processes any matching rules.