Bug ID 477789: SSL Certificate can accommodate & (ampersand) in the Common Name, Organization Name, Division and SAN.

Last Modified: Feb 13, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.3

Opened: Sep 03, 2014
Severity: 3-Major
Related AskF5 Article:
K16679

Symptoms

When an & (ampersand) character is entered for Common Name, Organization Name, Division or SAN in an SSL Certificate, the ampersand is escaped and replaced with an & string.

Impact

The system escapes the ampersand with an & string. Names such as AT&T that generate certificates that escape the ampersand character do not work as expected.

Conditions

Create or renew an existing certificate with an ampersand in the Common Name, Organization Name, Division, or SAN.

Workaround

None

Fix Information

The system now correctly converts the '&' (ampersand) character in the Certificate and ensures that the Peer Device process is still operating.

Behavior Change