Bug ID 744686: Wrong certificate can be chosen during SSL handshake

Last Modified: Jun 04, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.1.0, 14.1.0.1

Fixed In:
15.0.0, 14.1.0.2

Opened: Sep 20, 2018
Severity: 3-Major

Symptoms

If two certificates of the same type are configured in an SSL profile, one marked `usage CA' and the other not, the wrong one could be chosen during the handshake.

Impact

The wrong certificate could be chosen during the handshake.

Conditions

Two certificates of the same type are configured in an SSL profile.

Workaround

Do not configure two certificates of the same type on an SSL profile.

Fix Information

None

Behavior Change