Cisco Bug: CSCta34241 - SSL resumed handshake issues
Feb 22, 2014
- Cisco ACE 4700 Series Application Control Engine Appliances
Known Affected Releases
Symptom: (1) ACE still uses invalid session ID in client hello. (2) Clients re-using the session ID that was overwritten by newer entry on ACE failed in handshake. Conditions: (1) In BE SSL scenario, after ACE and server are able to complete resumed handshake, the server disabled SSL session ID reuse. ACE still sends client hello containing the session ID previously generated by the server. (2) In FE SSL scenario, when the client tries to perform a resumed handshake with ACE using the session ID which was overwritten by newer entry on ACE, the resumed handshake failed and ACE doesn't continue with a full handshake with the client.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases