For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MODdev_119626's avatar
MODdev_119626
Icon for Nimbostratus rankNimbostratus
Mar 11, 2014

2-way SSL (Client) and Renegotiation

Greetings! We have clients that use 2-way SSL on some of their pages/paths. One of the clients has recently ran a security scan and asked us we remove SSL renegotiation from their profile. Disabling ...
Cory_50405's avatar
Cory_50405
Icon for Noctilucent rankNoctilucent
Mar 19, 2014

Yes, proxy SSL was introduced in v11. Unsure exactly which version right off hand but we have it in 11.2

 

  • MODdev_119626's avatar
    MODdev_119626
    Icon for Nimbostratus rankNimbostratus
    Mar 19, 2014
    OK. Does it mean we don't have any solution for to have the renegotiation disabled and client SSL authentication at the same time unless we upgrade the F5s?
  • Cory_50405's avatar
    Cory_50405
    Icon for Noctilucent rankNoctilucent
    Mar 19, 2014
    Unfortunately you'll have to upgrade to get the functionality. Though the server could be patched to eliminate the vulnerability and you wouldn't need to upgrade. I'm no server guy so I don't know what kind of effort that would entail.