Last Modified: Nov 22, 2021
Affected Product(s):
BIG-IP LTM
Fixed In:
13.1.0
Opened: Apr 19, 2017 Severity: 3-Major
Each HTTPS monitor has its own cert, key, cipherlist, compatibility, and partition attributes for SSL-related functionality. Depending on the configuration, hardware, and number of HTTPS monitors, rolling forward a configuration with a number of HTTPS monitors might impact performance, memory usage, capacity, and compatibility.
Potential impact on performance, memory usage, capacity, and compatibility as the roll-forward process creates each HTTPS monitor.
These attributes of HTTPS monitors are of the same values: cert, key, cipherlist, compatibility, and partition, but occur in multiple HTTPS monitors.
N/A
To streamline the number of SSL profiles when rolling forward HTTPS monitors, if multiple HTTPS monitors contain attributes (cert, key, cipherlist, compatibility, and partition), with the same values, the monitors with same-value attributes will share one SSL profile, instead of having multiple sets of attributes, one for each HTTPS monitor. Note: Although there are fewer SSL profiles, if you want to change any of these attributes for one specific HTTPS monitor, you might have to add an SSL profile for it.
Original behavior: Each HTTPS monitor has its own cert, key, cipherlist, compatibility, and partition attributes for SSL-related functionality. New behavior: These SSL-related attributes are deprecated, and an SSL profile is created in lieu of those attributes. When rolling forward, instead of creating one SSL profile for each HTTPS monitor, one SSL profile will be shared by possibly many HTTPS monitors, if the specified attributes are of the same value.