For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

thomasliu's avatar
thomasliu
Icon for Nimbostratus rankNimbostratus
Nov 10, 2023

browser reports ERR_SSL_PROTOCOL_ERROR through V11

The latest browser reports "ERR_SSL_PROTOCOL_ERROR" error when connecting via HTTPS using LTM version V11. However, the connection works fine with V14. Could you please provide guidance on how to con...
application delivery
whisperer's avatar
whisperer
Icon for MVP rankMVP
Nov 10, 2023

You need to upgrade the BIG-IP software! Ciphers change every few years, and F5 updates these by manner of updates to both TMM and OpenSSL libraries. At the end of 2023, BIG-IP v14 is EOL, so your version of code is simply ancient. Support will not help you, and anyone else in their right mind will not help you. You simply need to upgrade. Please see the following for cipher support in different versions of code:

https://my.f5.com/manage/s/article/K05134218

Keep in mind, you can't upgrade old hardware, so you may need to buy new hardware. Also, you may not be able to buy support anymore on your hardware, and if you cannot extend the service check date, you cannot upgrade to code newer than that date.

It is also end of year. You have a business use case, perhaps leftover end of year budget left, some considerations.

Good luck.

thomasliu's avatar
thomasliu
Icon for Nimbostratus rankNimbostratus
Nov 12, 2023

Thank you for your response. The current version of my LTM1600 is 11.4. Upon reviewing the official information, I have found that 11.5 is already sufficient to support the current secure encryption algorithms, such as the AES-GCM cipher suites. Therefore, I intend to upgrade to version 11.5. Do you agree with my plan?
https://my.f5.com/manage/s/article/K13156#11.5.0