Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP All
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.0.0 HF1, 12.0.0 HF2
Fixed In:
12.1.0, 12.0.0 HF3
Opened: Jun 24, 2015
Severity: 3-Major
Related Article:
K54135079
In some circumstances LDAP may fail to setup StartTLS on the server-side when instructed by a LDAP client when the LDAP virtual server is in use with a persistence profile.
Serverside does not upgrade to TLS.
- LDAP virtual server with client and server profiles. - LDAP profiles with STARTTLS Activation Mode set to Allow. - Persistence profile (for example, src addr persistence).
Do not use LDAP virtual server in conjunction with persistence.
The BIG-IP system now correctly upgrades the serverside connection of a LDAP virtual server to TLS.
