Bug ID 744532: Websso fails to decrypt secured session variables

Last Modified: Oct 17, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 14.0.0,,,,,, 14.0.1,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,

Fixed In:

Opened: Sep 19, 2018

Severity: 3-Major


Whenever websso tries to decrypt secure session variables, the following error is seen /var/log/apm: Aug 15 21:36:25 abcd err websso.0[20421]: 014d0028:3: /Common/Test_PRP:Common:2b8e7abc: Master Decrypt failed for user test with error 'ckDecrypt: invalid ciphertext' Aug 15 21:36:25 abcd info websso.0[20421]: 014d0009:6: /Common/Test_PRP:Common:2b8e7abc: Websso basic authentication for user 'test' using config '/Common/sso_test_obj'


Single Sign-On (SSO) won't work correctly.


- Per-req policy is attached to virtual server. - Secure subsession variables are assigned to session variables using Variable Assign Agent in per-req policy. - SSO Configuration Select agent is used in per-req policy.


There is no workaround at this time.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips