Cisco Bug: CSCua99477 - Incorrect Session-Verify-Result printed as "ok" for expired Client Cert
Jan 24, 2017
- Cisco ACE 4700 Series Application Control Engine Appliances
Known Affected Releases
Symptom: Configured action-list adds incorrect value in HTTP header, when SSL termination is configured on ACE and client connects with an expired certificate. HTTP verify-result header on server shows status is as "OK" instead of certificate is expired. The issue is only noticed when CRL check is configured on ACE. Conditions: CRL check should be configured and Client should connect with expired certificate.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases