Operational Defect Database
BugZero found this defect 223 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
F5 | 1369673
OCSP unable to staple certificate chain
Last update date:
4/26/2024
Affected products:
BIG-IP
BIG-IP LTM
Affected releases:
16.1.0
16.1.1
16.1.2
16.1.2.1
16.1.2.2
16.1.3
16.1.3.1
16.1.3.2
16.1.3.3
16.1.3.4
16.1.3.5
16.1.4
Fixed releases:
No fixed releases provided.
Description:
Severity: 3-Major ... Symptoms ... When a server returns a certificate chain that involves an archived Let's Encrypt certificate, the OCSP is unable to staple the full chain. ... Impact ... The OCSP is unable to staple the certificate chain. ... If the stapling is required by the client, the connection will be broken. ... Conditions ... An OCSP is configured on the serverside profile, and the client tries to connect to a server that returns certificate chain using an archived Let's Encrypt certificate. ... Workaround ... None
