Last Modified: Nov 23, 2020
Opened: May 26, 2020
If the server certificate status is revoked, SSL forward proxy configured with a new server SSL profile might drop the connection.
BIG-IP client connections are reset.
-- New SSL forward proxy server SSL profile is attached to the virtual server. -- Revoked-cert-status-response-control is set to the default value (drop). -- Certificate status service (e.g., CRL/OCSP) is configured on the server SSL profile.
Change revoked-cert-status-response-control to ignore on the server SSL profile.