Last Modified: Feb 27, 2019
See more info
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3
13.1.0, 13.0.1, 12.1.3
Opened: Jun 13, 2017
Related AskF5 Article: K11425420
SSL Forward Proxy signs a forged certificate with a hash algorithm. This selected hash algorithm is the weakest algorithm from the certificates in the server certificate chain except the self-signed certificate. Some of the intermediate CA certificates in the cert chain use the SHA1 hash algorithm. This kind of intermediate CAs usually is are the BIG-IP system's ca-bundle. BIG-IP receives the cert chain including the intermediate CA and forges the cert with SHA1, which is rejected by some web clients.
Clients cannot access the web server due to SSL handshake failure.
-- The BIG-IP system is configured to use SSL Forward Proxy or SSL Intercept. -- Some intermediate CA in the web server's cert chain is using a weak algorithm like SHA1 to sign certificates. -- The web client rejects the weak-algorithm-signed certificate.
There is no workaround at this time.
This fix excludes trusted CA certificates in hash algorithm selection. This may prevent forged certificate from using SHA1 hash algorithm.