Cisco Bug: CSCun01941 - Passive cert scan fails for large certs in some cases
Apr 30, 2014
- Cisco ASA Next-Generation Firewall Services
Known Affected Releases
Symptom: When CX is not decrypting a TLS flow, some server certificates are not scanned correctly. Conditions: First sever segment contains ServerHello and subsequent tcp segments contain Certificate message and certificate is large enough to span across multiple tcp segments.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases