Bug ID 674362: TMM crashes due to inconsistent SSL forward proxy state in two-unit SSLo deployment

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
12.1.2, 12.1.3,,,,,,,, 12.1.4,, 12.1.5,,,, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3

Fixed In:
13.1.0, 13.0.1

Opened: Jul 17, 2017

Severity: 2-Critical


A race condition between SSL forward proxy lookup forged certificate and the server SSL handshake could cause the invalid forge certificate state with a NULL hash algorithm, causing tmm panics.


TMM generates a core file. Traffic disrupted while tmm restarts.


-- Two-unit SSLo deployment. -- Transparent or explicit proxy modes.


There is no workaround at this time.

Fix Information

This race condition no longer occurs, so the issue no longer occurs.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips