Bug ID 522552: SSL Certificates, Keys, and CRLs load upon configuration load might cause timeout.

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
11.4.1, 11.4.1, 11.4.1, 11.4.1

Fixed In:
11.4.1 HF10

Opened: May 11, 2015

Severity: 3-Major

Related Article: K41555452

Symptoms

When the system loads a configuration, SSL immediately reads any associated keys, certificates, and CRLs. This can take long enough that the watchdog timer fires causing TMM to restart.

Impact

TMM restarts.

Conditions

Many SSL profiles are in use.

Workaround

Use fewer SSL profiles.

Fix Information

Keys, certificates, and CRLs used by SSL are loaded on first use instead of when configured, which mitigates potential timeouts caused by SSL reading the associated keys, certificates, and CRLs for many SSL profiles.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips