Forum Discussion
client and server ssl profiles
Continuing from where we left off, the issue has now been resolved by doing the above changes, but still I don't think I have understood the issue clearly.
I had taken packet captures on F5 one when f5-default profile was attached and another when client/server insecure compatible profiles were attached.
Can anybody help me understand and compare these two packet captures.
I have attached both the screenshots.
Thank You.
we cant conclude the root cause from the picture because, not like client, ssl server doesnt disclose list of accepted ciphers.
ssl server just picks one match from cipher list sent by client.
you need to get the webserver config from the webserver admin.
it is normal in configuring LB that LB admin communicates with web/app server admin because LB is actually more application layer than network layer.
i guess your first ecdhe-aes128 server profile doesnt work because webserver doesnt accept ecdhe.
ecdhe is processing is quite heavy btw
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com