Last Modified: Nov 07, 2022
Affected Product:
See more info
BIG-IP LTM
Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5
Fixed In:
14.0.0, 13.1.0.6
Opened: Jan 09, 2018
Severity: 3-Major
Related Article:
K36563645
SSL handshake fails if the BIG-IP system is operating in ProxySSL mode, while client and server negotiate to use the Extended Master Secret and OCSP features together.
ProxySSL does not work properly with Extended Master Secret and OCSP simultaneously.
1. Virtual server is configured to work in ProxySSL mode. 2. Client and server negotiate the SSL handshake with the Extended Master Secret. 3. Client and Server negotiate to use the OCSP.
None.
Included the certificate status message in the calculation of Extended Master Secret.