Bug ID 598052: SSL Forward Proxy "Cache Certificate by Addr-Port", cache lookup fails

Last Modified: Apr 10, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP All(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2

Fixed In:
13.0.0, 12.1.1

Opened: Jun 08, 2016
Severity: 2-Critical


When enabling the SSL Forward Proxy "Cache Certificate by Addr-Port" on the client SSL profile, later flows on cached certificate lookups by "Addr-Port" do not hit the cache.


The client side certificate lookup failed, it may trigger the server side SSL handshake.


Enable SSL Forward Proxy and use "Cache certificate by Addr-Port".



Fix Information

With this fix, the certificate lookup by "Addr-Port" may have a cache hit.

Behavior Change