Bug ID 753925: CLIENTSSL_CLIENTCERT iRule event may not be triggered on TLSv1.3 connections

Last Modified: Nov 25, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8

Fixed In:
15.0.0

Opened: Dec 21, 2018
Severity: 4-Minor

Symptoms

The CLIENTSSL_CLIENTCERT iRule event may not be triggered on TLSv1.3 connections.

Impact

The CLIENTSSL_CLIENTCERT iRule event may not be triggered on TLSv1.3 connections.

Conditions

-- TLSv1.3 connection. -- Client SSL profile is configured with client certificate authentication (either 'request' or 'require'). -- An iRule depends upon the CLIENTSSL_CLIENTCERT event.

Workaround

None.

Fix Information

The system now sends CLIENTSSL_CLIENTCERT iRule event when client certificate authentication is configured on client SSL profiles TLS 1.3.

Behavior Change