Last Modified: Nov 07, 2022
See more info
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52
Opened: Jan 09, 2018
Related Article: K36563645
SSL handshake fails if the BIG-IP system is operating in ProxySSL mode, while client and server negotiate to use the Extended Master Secret and OCSP features together.
ProxySSL does not work properly with Extended Master Secret and OCSP simultaneously.
1. Virtual server is configured to work in ProxySSL mode. 2. Client and server negotiate the SSL handshake with the Extended Master Secret. 3. Client and Server negotiate to use the OCSP.
Included the certificate status message in the calculation of Extended Master Secret.