Bug ID 451003: SSL/TLS client certificate verification may fail due to SHA algorithms that are advertised but not supported ... Last Modified: Apr 28, 2025 ... Symptoms ... When using ClientSSL, client certificate authentication may fail, if client certificate authentication is set to 'request' or 'require'. ... Impact ... SSL/TLS connections fail to establish for some clients on virtual servers that request or require client certificates. ... Conditions ... This occurs when the following conditions are met: -- A ClientSSL profile exists on the virtual server. -- The ClientSSL profile is configured with client certificate authentication set to 'request' or 'require.' -- The client responds with a certificate signed by one of the following affected signature algorithms: SHA256-RSA(0x0401), SHA384-RSA(0x0501), or SHA512-RSA(0x0601). ... Fix Information ... Unsupported SHA algorithms have been removed, so SSL/TLS client certificate verification completes successfully. ... Behavior Change