For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Mar 11, 2014

2-way SSL (Client) and Renegotiation

Greetings! We have clients that use 2-way SSL on some of their pages/paths. One of the clients has recently ran a security scan and asked us we remove SSL renegotiation from their profile. Disabling ...

Icon for Noctilucent rank

Noctilucent

Mar 11, 2014

On the SSL server profile, change Secure Renegotiation to 'require' or 'require strict' in order to disable insecure negotiation. Keep in mind that if the back end server isn't patched for this, it could break SSL connections through the LTM.

Icon for Nimbostratus rank

Nimbostratus

Mar 12, 2014

Proxy SSL is not an acceptable solution for us as we terminate SSL connections at the F5. I believe our web servers are fully patched.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5