Bug ID 542724: If there is OCSP Stapling enabled on a clientSSL profile, under certain remote conditions, TMM could crash

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
12.1.0, 11.6.1

Opened: Aug 31, 2015

Severity: 3-Major

Related Article: K29441414

Symptoms

If there is OCSP Stapling enabled on a clientSSL profile, under certain remote conditions, TMM could crash.

Impact

Traffic disrupted while tmm restarts.

Conditions

This occurs when the following conditions are met: - There is an OCSP request in progress. - There is a configuration change. - The handshake is aborted. - The HTTP response for the OCSP request indicates a status code that is not 200.

Workaround

None.

Fix Information

TMM no longer crashes if there is OCSP Stapling enabled on a clientSSL profile, under certain remote conditions.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips