Last Modified: May 20, 2022
See more info
Known Affected Versions:
16.1.0, 16.1.1, 16.1.2, 220.127.116.11
Opened: Jan 01, 2021
SSL handshake failures occur with the backend server revoked certificate in case of reverse proxy.
Ssl handshake failures due to revoked server certificate
1. BIG-IP LTM configured as SSL reverse proxy. 2. revoked-cert-status-response-control set to ignore in the server ssl profile. 3. server certificate authentication set to "require" in the server ssl profile.
1. Set the server certificate authentication to ignore in the server ssl profile.
Added checks to validate the certificate as well as the flags set (ignore/drop) for the revoked certificate.