Bug ID 686972: The change of APM log settings will reset the SSL session cache.

Last Modified: Oct 06, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP APM, LTM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,

Fixed In:

Opened: Oct 03, 2017
Severity: 3-Major


If you change the configuration of APM log settings, it might cause the SSL session cache to be reset. Also, subsequent resumption of SSL sessions may fail after such change causing a situation where full ssl handshakes may occur more frequently.


The change of APM log settings resets the SSL session cache, which causes the SSL session to initiate full-handshake instead of abbreviated re-negotiation.


-- Change the configuration of APM log settings. -- SSL session cache is not empty.


Follow this procedure: 1. Change access policy. 2. The status of that access policy changes to 'Apply Access Policy'. 3. Re-apply that.

Fix Information

The change of APM log settings now limits its effect on APM module instead of affecting other (SSL) module's data.

Behavior Change