Forum Discussion

Benjamin_8557
May 11, 2016

[Certificate Client Authentication] ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Hi,

I use a client certificate to authenticate access to a web service. The client certificate is self-signed and I check it with the default BigIP CA.

But, when I request the web service with Chrome and Firefox, the browser warns me: ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

With Internet Explorer, there is no warning message and I can access my web service with the green URL.

I can successfully access the VS with all web browsers when I disable the client authentication, which proves that my cipher suite is correct.

My SSL profile settings are:
Ciphers: DEFAULT:!RC4:!SSLv3
Client certificate: require
Frequency: once

Do you have any ideas about this behaviour and how I can solve it?

Thank you, regards,

Benjamin

8 Replies

  • Hello,

    This message indicates that the SSL version or the cipher list supported by the F5 and its peer (the client) doesn't match.

    You should do a tcpdump on the client or on the F5 system to check the SSL handshake. You may see that there are no matching ciphers between the browser and the VS.

    You can also set up the debug level for SSL on System >> Logs >> Options

     

    • Benjamin_8557
      Thank you for this advice. By default, the SSL handshake is done in TLSv1.2. What I see in my ltm log: Connection error: ssl_select_suite:4136: TLS_FALLBACK_SCSV with a lower protocol (86). I disabled TLSv1.2 on my SSL profile. Now it works in TLSv1.1, but I still don't understand why the SSL handshake fails with TLSv1.2. Thank you.
    • Yann_Desmarest
      When you trace the SSL connection, what are the cipher lists advertised by each peer and which SSL version is used? I have already seen changes between the SSL version and the ciphers advertised when using or not using Client Authentication.
    • Yann_Desmarest
      How did you configure the Client certificate option: Require, Request or Ignore? If set to Require, try setting Request with TLS1.2 enabled. Moreover, the TLS_FALLBACK_SCSV option allows the server (BIG-IP) to reject a connection if the client uses TLS1.1 and the TLS_FALLBACK_SCSV field but the server supports at best TLS1.2. When Client Certificate is enabled, the client may try to establish a session using TLS1.1. And without a client cert, the client may use TLS1.2.
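The two diagnostic points in this thread (read the version and cipher list out of the ClientHello in a capture, and understand why the BIG-IP logs "TLS_FALLBACK_SCSV with a lower protocol") can be reproduced offline. The following is an added example written for this page, not code from the thread or from F5: it builds constructed ClientHello records, parses them the way you would read them off a tcpdump, and then applies the server-side rule from RFC 7507 (reject a fallback connection that carries TLS_FALLBACK_SCSV below the server's highest version) followed by a cipher-suite intersection. The server's suite list and the cipher-suite name table are assumed stand-ins, not the real expansion of DEFAULT:!RC4:!SSLv3.

```python
import struct

TLS_FALLBACK_SCSV = 0x5600  # signalling cipher suite value defined in RFC 7507

# Assumed subset of the IANA cipher suite registry, enough for the constructed samples below.
SUITE_NAMES = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    TLS_FALLBACK_SCSV: "TLS_FALLBACK_SCSV",
}
VERSION_NAMES = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1", 0x0303: "TLSv1.2"}

# Stand-in for the server in the thread: supports up to TLSv1.2 and, like a profile
# with DEFAULT:!RC4:!SSLv3, offers no RC4 suite (assumed list, not the BIG-IP expansion).
SERVER_MAX_VERSION = 0x0303
SERVER_SUITES = [0xC030, 0xC02F, 0x009C, 0x002F]   # server preference order


def build_client_hello(client_version, suites):
    """Constructed sample input: a minimal TLS record carrying a ClientHello without extensions."""
    body = struct.pack("!H", client_version) + bytes(32) + b"\x00"     # version, random, empty session id
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                                                # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body          # HandshakeType client_hello
    return b"\x16" + struct.pack("!HH", 0x0301, len(handshake)) + handshake


def parse_client_hello(record):
    """Extract (client_version, [cipher suite ids]) from a ClientHello record, as read from a capture."""
    if record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    hs = record[5:5 + rec_len]
    if hs[0] != 0x01:
        raise ValueError("handshake message is not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    (client_version,) = struct.unpack("!H", body[:2])
    off = 2 + 32                     # skip the 32-byte random
    off += 1 + body[off]             # skip the length-prefixed session id
    (cs_len,) = struct.unpack("!H", body[off:off + 2])
    off += 2
    suites = [struct.unpack("!H", body[i:i + 2])[0] for i in range(off, off + cs_len, 2)]
    return client_version, suites


def evaluate(record, server_max_version=SERVER_MAX_VERSION, server_suites=SERVER_SUITES):
    """Apply the two server-side checks behind the errors discussed in the thread.

    1. RFC 7507: if the client sent TLS_FALLBACK_SCSV but its version is below the highest
       the server supports, the server rejects with inappropriate_fallback (the ltm log case).
    2. Otherwise pick the first server-preferred suite the client also offers; none means
       handshake_failure, which the browser reports as a version/cipher mismatch.
    """
    client_version, suites = parse_client_hello(record)
    result = {
        "client_version": VERSION_NAMES.get(client_version, hex(client_version)),
        "offered": [SUITE_NAMES.get(s, hex(s)) for s in suites],
        "accepted": False,
        "reason": "",
        "selected": None,
    }
    if TLS_FALLBACK_SCSV in suites and client_version < server_max_version:
        result["reason"] = "inappropriate_fallback: TLS_FALLBACK_SCSV with a lower protocol"
        return result
    common = [s for s in server_suites if s in suites]
    if not common:
        result["reason"] = "handshake_failure: no shared cipher suite"
        return result
    result.update(accepted=True, reason="ok", selected=SUITE_NAMES[common[0]])
    return result


if __name__ == "__main__":
    samples = {
        "fallback to TLSv1.1 carrying SCSV": build_client_hello(0x0302, [0xC02F, 0x009C, TLS_FALLBACK_SCSV]),
        "TLSv1.2 with a shared suite": build_client_hello(0x0303, [0x002F, 0x009C]),
        "only RC4 offered": build_client_hello(0x0303, [0x0005]),
    }
    for label, rec in samples.items():
        print(label, "->", evaluate(rec))
```

The first sample is the situation described in the ltm log line: a browser that retried at TLSv1.1 after a failed TLSv1.2 attempt signals that retry with TLS_FALLBACK_SCSV, and a server that still supports TLSv1.2 is required to refuse it. Disabling TLSv1.2 on the profile makes the check pass only because it lowers the server's maximum version; the original TLSv1.2 failure (which the capture's first ClientHello/ServerHello pair would show) is left unexplained.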