Bug ID 795345: SSL connection terminated is logged for each SSL connection

Last Modified: Aug 28, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3

Opened: Jun 19, 2019
Severity: 4-Minor

Symptoms

The 'warning tmm1[12345]: 01260020:4: SSL Connection terminated for TCP <ip_address1> <ip_address2>' is logged as log level warning whenever an SSL connection is terminated and security.fips140.compliance is TRUE. These warning messages do not necessarily indicate an error; they indicate only that this connection has been terminated.

Impact

Cannot determine when unclean SSL-connection shutdown occurs. The system reports warning messages that potentially should be info-level messages. The messages in /var/log/tmm are generated as warnings regardless of an unclean or clean shutdown. The message should be under level info if SSL connection terminates cleanly and under level warning if SSL connection terminates uncleanly.

Conditions

-- SSL is enabled and in use. -- security.fips140.compliance is TRUE. Note: You cannot disable security.fips140.compliance as it depends on FIPS license. If you try to disable it, the system reports an error message: 01070734:3: Configuration error: Change to Security.FIPS140.Compliance DB variable not allowed without a corresponding change in the FIPS 140-2 Compliance license.

Workaround

None.

Fix Information

None

Behavior Change