Forum Discussion
NimbostratusBIG-IP: forward proxy to translate TLS 1.0 to 1.2?
We have some home-grown applications that reach out and grab files from our vendors (this is huge simplification of the process) but the applications are based on an ancient version of Java that only supports TLS 1.0.
We're working on updating the Java codebase but it's going to be a couple of years until the project is totally done. In the mean time we need to translate TLS 1.0 to 1.2 by means of a forward proxy; would the BIG-IP appliance be able to do this? We like the idea of the BIG-IP product for more than the forward proxy (WAF, etc), but we need to be sure that it can forward proxy TLS before we go with it.
Any insights/suggestions would be appreciated!
- P_K
Altostratus
question- are both client & server internal? something like this
Client(internal) --> F5 --> Server(Internal)or
Internal Client --> F5 --> External server(vendor) and you are trying to do
Client(TLSv1.0) ---> F5(convert to TLSv1.2) ---> External server(vendor) 
Random_SkeletonThank you for clarifying; it would be the second scenario:
Internal Client --> F5 --> External server(vendor) and you are trying to do Client(TLSv1.0) ---> F5(convert to TLSv1.2) ---> External server(internet facing vendor)
- P_K
Check this post ,looks similar to your needs https://community.f5.com/t5/technical-forum/change-client-tls-version-through-f5-server-connection/m-p/77423
