PD-17616 SSL Certificate Signing Request (CSR): In previous releases, a CSR generated on the LoadMaster uses a type of T61STRING for the Common Name. LoadMaster has been modified to use a type of UTF8String to conform with RFC5280.
PD-17606 UI SSL Certificate (Azure Only): In previous releases, for the Azure cloud only, the LoadMaster UI's SSL Certificate SAN (Subject Alternative Name) information was missing several fields: the LoadMaster Public IP Address, the DNS IP Address, and the Azure-LB IP Address (if applicable). These fields are now added to the Azure cloud LoadMaster UI certificate.
PD-17518 User Login Certificates: In previous releases, user certificates generated when adding a user with the "No Local Password" option enabled didn't contain any "Extended Key Usage" information. This issue has been fixed.
PD-16960 Logging / Security: Fixed a bug where the LoadMaster syslog server wasn't honoring the Outbound Connection Cipher Set setting when originating connections to a remote server.
PD-16937 Layer 7 (Chunked Content): When a Real Server returns chunked content, the LoadMaster can hang when processing the response and also experience memory exhaustion when under very high load. In adiition, responses to client may also be complressed even if compression is not configured. Content-length header can also be incorrect if server response is chunked, above 954 MB, and body rules are in use. This issue has ben addressed so that LoadMaster no longer hangs and runs out of memory; doesn't compress content when not configured; and, the content-length header is correct for large responses.
PD-16812 Authentication (LDAPS): Fixed an issue that caused LDAPS debug information to be displayed when a client certificate without email information is presented for UI authentication.
PD-16513 UI Authentication via LDAPS: Fixed a bug where LDAPS was not checking "Basic Constraints" as required for intermediate certs in a chain.
PD-16361 SSL Certificates: LoadMaster has been modified to reject an otherwise valid server certificate that lacks the Server Authentication purpose in the extendedKeyUsage field; no connection is established in this case.
PD-16342 Layer 7 POST Handling: Addressed various issues related to POST handling capabilities and error detection within L7, in particular with large POSTs and 401 responses from LoadMaster.