Bug ID 477789: SSL Certificate can accommodate & (ampersand) in the Common Name, Organization Name, Division and SAN.

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4

Fixed In:
12.0.0, 11.6.0 HF5, 11.5.3

Opened: Sep 03, 2014

Severity: 3-Major

Related Article: K16679


When an & (ampersand) character is entered for Common Name, Organization Name, Division or SAN in an SSL Certificate, the ampersand is escaped and replaced with an & string.


The system escapes the ampersand with an & string. Names such as AT&T that generate certificates that escape the ampersand character do not work as expected.


Create or renew an existing certificate with an ampersand in the Common Name, Organization Name, Division, or SAN.



Fix Information

The system now correctly converts the '&' (ampersand) character in the Certificate and ensures that the Peer Device process is still operating.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips