Bug ID 598052

Bug Tracker
ID 598052

Bug ID 598052: SSL Forward Proxy "Cache Certificate by Addr-Port", cache lookup fails

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP All(all modules)

Fixed In:
13.0.0, 12.1.1

Opened: Jun 08, 2016

Severity: 2-Critical

Symptoms

When enabling the SSL Forward Proxy "Cache Certificate by Addr-Port" on the client SSL profile, later flows on cached certificate lookups by "Addr-Port" do not hit the cache.

Impact

The client side certificate lookup failed, it may trigger the server side SSL handshake.

Conditions

Enable SSL Forward Proxy and use "Cache certificate by Addr-Port".

Workaround

None

Fix Information

With this fix, the certificate lookup by "Addr-Port" may have a cache hit.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips