Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5
Fixed In:
14.0.0, 13.1.0.6
Opened: Feb 20, 2018 Severity: 2-Critical
TMM would crash if SSL Client profile could not load cert-key-chain successfully, and SSL is working in the fwd-proxy-mode.
Traffic disrupted while tmm restarts.
1. SSL is working in the fwd-proxy-mode. 2. SSL could not load the cert-key-chain in the clientssl profile successfully. There could be couple of reasons: 2.1.We fail to configure the password required by the cert-key-chain. 2.2.Configured cert-key-chain type is not supported. 2.3.cert-key-chain name is incorrect.
Configure the cert-key-chain in the clientssl profile correctly.
If we fail to load the cert-key-chain in the clientssl profile, and ssl is working in the fwd-proxy-mode, we will mark the corresponding ssl clientssl profile as invalid, then we will not accept the incoming SSL handshake destined to this profile.