Bug ID 669025: Exclude the trusted anchor certificate in hash algorithm selection when Forward Proxy forges a certificate

Last Modified: May 14, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1, 12.1.3

Opened: Jun 13, 2017
Severity: 3-Major
Related AskF5 Article:
K11425420

Symptoms

SSL Forward Proxy signs a forged certificate with a hash algorithm. This selected hash algorithm is the weakest algorithm from the certificates in the server certificate chain except the self-signed certificate. Some of the intermediate CA certificates in the cert chain use the SHA1 hash algorithm. This kind of intermediate CAs usually is are the BIG-IP system's ca-bundle. BIG-IP receives the cert chain including the intermediate CA and forges the cert with SHA1, which is rejected by some web clients.

Impact

Clients cannot access the web server due to SSL handshake failure.

Conditions

-- The BIG-IP system is configured to use SSL Forward Proxy or SSL Intercept. -- Some intermediate CA in the web server's cert chain is using a weak algorithm like SHA1 to sign certificates. -- The web client rejects the weak-algorithm-signed certificate.

Workaround

There is no workaround at this time.

Fix Information

This fix excludes trusted CA certificates in hash algorithm selection. This may prevent forged certificate from using SHA1 hash algorithm.

Behavior Change