Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP All
Fixed In:
13.0.0, 12.1.1
Opened: Jun 08, 2016 Severity: 2-Critical
When enabling the SSL Forward Proxy "Cache Certificate by Addr-Port" on the client SSL profile, later flows on cached certificate lookups by "Addr-Port" do not hit the cache.
The client side certificate lookup failed, it may trigger the server side SSL handshake.
Enable SSL Forward Proxy and use "Cache certificate by Addr-Port".
None
With this fix, the certificate lookup by "Addr-Port" may have a cache hit.