Forum Discussion
Magnum_IP
Nimbostratus
Jun 02, 2011Client SSL Profile - Renegotiation setting
I am looking at the subtleties of the Renegotiation setting in the Client SSL Profile at the moment.
Can someone please tell me the difference between...
1. Not ticking the Custom tick box for the Renegotiation setting - ie leaving the Renegotiation setting grayed out
2. Ticking the Custom tick box for the Renegotiation setting but leaving the Renegotiation tick box unticked - ie specifically disabling Renegotiation
?
The Help for Renegotiation says...
Controls on a per-connection basis how the system responds to mid-stream SSL reconnection requests. When enabled, the system processes mid-stream SSL renegotiation requests. When disabled, the system terminates the connection, or ignores the request, depending on system configuration. The default is disabled.
If I check the bigip.conf when I implement the two scenarios above I can see that for scenario 1 the config states
renegotiate disable
but in scenario 2 the profile has no mention of renegotiate - does this mean renegotiation is disabled?
Regards,
fergu5
- hoolio
Cirrostratus
Hi fergu5, - Magnum_IP
Nimbostratus
Thanks Hoolio, that's got it clear in my head now. - hoolio
Cirrostratus
I got the gist of the question anyhow :)
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects