Preview Tool

Cisco Bug: CSCta34241 - SSL resumed handshake issues

Last Modified

Feb 22, 2014

Products (1)

  • Cisco ACE 4700 Series Application Control Engine Appliances

Known Affected Releases


Description (partial)

(1) ACE still uses invalid session ID in client hello.
(2) Clients re-using the session ID that was overwritten by newer entry on ACE failed in handshake.

(1) In BE SSL scenario, after ACE and server are able to complete resumed handshake, the server disabled SSL session ID reuse. ACE still sends client hello containing the session ID previously generated by the server.
(2) In FE SSL scenario, when the client tries to perform a resumed handshake with ACE using the session ID which was overwritten by newer entry on ACE, the resumed handshake failed and ACE doesn't continue with a full handshake with the client.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.