Last Modified: Nov 07, 2022
See more info
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2
Opened: Jul 20, 2016
While trying to log into the command line of BIG-IP as a remotely authenticated user, login will intermittently fail. You may see the following in /var/log/secure: "err httpd: pam_ldap: ldap_simple_bind Can't contact LDAP server" but the LDAP server is up and is accessible by the BIG-IP
The remote authentication service will fail to initiate a connection to the LDAP server with the ssl-check-peer setting enabled, even if the ssl-ca-cert-file is valid. It will terminate the connection and remote authentication will fail.
Remote authentication configured, users configured to use remote authentication, ssl-check-peer is enabled and one or more of these properties are different than "none": ssl-ca-cert-file, ssl-client-cert, ssl-client-key.
Disabling ssl-check-peer and setting ssl-ca-cert-file, ssl-client-cert and ssl-client-key to "none" can work around this issue.