Bug ID 477789: SSL Certificate can accommodate & (ampersand) in the Common Name, Organization Name, Division and SAN.

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.3

Opened: Sep 03, 2014
Severity: 3-Major
Related AskF5 Article:


When an & (ampersand) character is entered for Common Name, Organization Name, Division or SAN in an SSL Certificate, the ampersand is escaped and replaced with an & string.


The system escapes the ampersand with an & string. Names such as AT&T that generate certificates that escape the ampersand character do not work as expected.


Create or renew an existing certificate with an ampersand in the Common Name, Organization Name, Division, or SAN.



Fix Information

The system now correctly converts the '&' (ampersand) character in the Certificate and ensures that the Peer Device process is still operating.

Behavior Change