Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
12.1.2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1
Fixed In:
14.0.0
Opened: Jul 14, 2017 Severity: 3-Major
When multiple client SSL profiles are attached to a virtual server, each must share the same ciphers, authenticate, authenticate depth, peer-cert mode, and, if peer-cert mode is require, CRL. Otherwise, the system posts an error similar to the following: 0107157c:3: Selected client SSL profiles do not match security policies for Virtual Server <vs-name>.
Error message. Cannot attach multiple, differing client SSL profile.
1. Create two client SSL profiles, one of which requires client certificate and the other does not. 2. Try to assign these profile to the same virtual server.
Assure that all client SSL profiles attached to a virtual share the same security attributes.
Now, each client SSL profile attached to a single virtual server can have different security settings.