Last Modified: Oct 16, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
10.2.4, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.5.3 HF2, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.3.0, 11.4.1, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3
Fixed In:
11.6.0 HF5, 11.5.4, 11.4.1 HF6
Opened: May 28, 2014 Severity: 3-Major Related Article:
K16636
Two or more root certificates with the same 'subject' and 'issuer' but different serial numbers may cause the tmm to core. The core was due to an assert failure in size caused by a loop in certificate chain construction.
Traffic disrupted while tmm restarts.
When multiple certificates with the same 'subject' and 'issuer' are in a CA file, and the CA file is configured in SSL profile as trusted CAs.
Keep only one certificate for a given 'subject' and 'issuer' in CA file. Do not leave two certificates with the same 'subject' and 'issuer' in a CA file.
Resolved a failure when the customer installs another self-signed certificate with same subject/issuer before a self-signed certificate expires.