Forum Discussion
NimbostratusToo much SSL cert on 1 VS with HTTP/2 will cause TMM restart while modifying iRule
Too much SSL cert on VS + HTTP/2 will cause TMM restart while modifying iRule
In our test, over 8 SSL cert (even self-signed cert) on a virtual server with HTTP/2 enabled will cause unstable situation. Especially when modifying iRule, TMM will restart and all existing connections will be terminated.
over 8 SSL cert on 1 VS --> unstable, sometimes OK, sometimes NOT OK over 12 SSL cert on 1 VS -> Always TMM restart when changing iRule on the VS
JGCumulonimbus
Which version of BIG-IP are you using?
I'd say that is an unusual amount of SSL certs/profiles you have there configured for 1 vs.
Johoya_45947Version 12.1.2
We did it in production environment, AND, totally no problem if without HTTP/2. So I'd say it's a possible bug on BIG-IP.
- JG
HTTP/2 is a very different protocol, and it's unlikely to be tested with a large number of SSL certificates/profiles configured in this implementation, even though the protocol is now officially supported. :-)
I'd open a support case with F5 to get to the bottom of the issue.
- Johoya_45947
Thanks for help. Hope F5 can have a workaround on this issue, we spend lots of time to re-produce it as you saw above.
- JG
It's good that the issue is readily reproduced, which means quick diagnosis and hopefully also quick resolution.
- Johoya_45947
Yes, but it's a pity to heard from my colleague that F5 plan to solve it till version 14. Hope there is a quick/separate hotfix be released independently.
- JG
That could also mean that v14 is nigh. :-)