Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP All
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4
Fixed In:
12.1.0
Opened: Oct 03, 2015 Severity: 3-Major Related Article:
K24352211
When using clientcert ldap for system auth, setting the ssl_check_peer field to disabled has no effect. It will always behave as enabled. This setting is not exposed in the GUI; the change can only be made in tmsh, but it has no lasting effect.
No way to disable ssl_check_peer. User cannot connect. Although you can use tmsh to change the setting to 'no', enabling the user to connect, any time there is a modification to ldap config, the value gets reset to 'yes', and the issue returns.
Using clientcert ldap for system auth.
None.
Setting the ssl_check_peer field is now effective for system-auth ldap configs.