For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Kleython_Kell_5's avatar
Kleython_Kell_5
Icon for Nimbostratus rankNimbostratus
Jul 11, 2012

Browsers and profile SSL Client

Hi,       I'm doing a lab. Simulating a lab using SSL client certificate.       I had already did this lab some times, but its the first time that I test with diferrent browse...
config
design
Brian_Van_Stone's avatar
Brian_Van_Stone
Icon for Nimbostratus rankNimbostratus
Jul 17, 2012
It may be that the version of the browsers you are testing with are out of date. This can have two consequences...

 

 

1. The browser only supports SSL ciphers that LTM by default will not use.

 

2. The browser does not support secure SSL renegotiation, which LTM by default will require.

 

 

Try using the "clientssl-insecure-compatible" client SSL profile and see if this resolves your issue.

 

 

I'm running v11.2 and I'm not sure when they added the insecure-compatible profiles, or if they were always there. If you don't have it...

 

1. Create a new client SSL profile with "clientssl" as the parent.

 

2. Check the custom checkbox next to "Ciphers" and provide value of "!SSLv2:ALL:!DH:!ADH:!EDH:@SPEED"

 

3. Check the custom checkbox next to "Secure Renegotiation" and provide value of "Request"

 

4. Save this profile and apply it to your VS in place of the "clientssl" selection for "SSL Profile (Client)"

 

 

Hope this helps,

 

-Brian