Bug ID 500945

Bug Tracker
ID 500945

Bug ID 500945: Firefox 35 or later cannot connect to BIG-IP virtual server with clientssl profile in TLS1.2

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.4.1, 11.2.1

Fixed In:
11.4.1 HF9

Opened: Jan 14, 2015

Severity: 2-Critical

Symptoms

Firefox 35 fails to negotiate security protocol during SSL handshake with BIG-IP's virtual server in case of client SSL profile contains Client Certificate Authentication (request/require). Issue is reproducible only with new Firefox 35 beta (35.0) or later when using TLS1.2.

Impact

Cannot connect to the BIG-IP virtual server using the Firefox version 35 or later.

Conditions

This occurs when using Firefox version 35 or later to connect to virtual server using TLS1.2.

Workaround

Any of the below 2 methods will work. 1. Use a different browser. Or 2. Disable TLS1.2 (configure No TLSv1.2 in the Options List of the ClientSSL profile).

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips