Bug ID 872721: SSL connection mirroring intermittent failure with TLS1.3

Last Modified: Sep 30, 2020

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5

Fixed In:
16.0.0

Opened: Jan 25, 2020
Severity: 3-Major

Symptoms

Intermittent failure of standby connection mirroring TLS1.3 handshake.

Impact

Standby device fails tls handshake, active success so connection succeeds but not mirrored.

Conditions

TLS1.3 and connection mirroring. More easily reproduces with ecdsa signature.

Workaround

None

Fix Information

Standby device now uses correct signature size if it differs from active device.

Behavior Change