Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1
Fixed In:
14.0.0
Opened: Aug 03, 2017 Severity: 3-Major
Some authentication requests never complete. APMD responsiveness degrades over time and eventually restarts.
APMD responsiveness degrades over time, usually weeks, before eventually restarting.
The CRL Authentication server must be alive enough to accept connections but busy enough to drop requests without closing connections.
Restarting the CRL Authentication server usually releases the waiting threads and restores APMD responsiveness. Using a BIG-IP monitor for the CRL backend can detect the issue and allow recovery before the need for APMD to restart.
CRL agent now times out and returns an error when the CRL server becomes unresponsive.
The CRL Authentication agent now times out and returns an error instead of waiting forever. In previous releases, if enough threads were waiting, APMD performance degraded and eventually restarted.