Forum Discussion

Cirrus

Nov 03, 2022

Client SSL profile fall back

Hi Guys, We have some clients that use TLS1.0 whereas others use TLS1.2. Could clientssl_tls1 profile be used for clients that use TLS1.0 and clientssl_tls1.2 be used for clients that work with TL...

MVP

Nov 03, 2022

Hi Edouard ,

So basically, you need your vServer to accept requests on both TLS1.0 as well as TLS1.2 if I understood it correctly.

If that's so, then you can keep TLS1.0 as well as TLS1.2 enabled under associated client ssl profile. So single client-ssl profile will accept both requests and it will negotiate client on best possible match.

Additionally, if it is possible, try to keep all your vServers running on min TLS1.2 as lower SSL/TLS versions are prone to different vulnerabilties. You may be already knowing this but just thought of highlighting this also. Ty!

Hope it helps!

Mayur

Forum Discussion

Client SSL profile fall back

Recent Discussions

When F5OS r2800 appliance reboots, interfaces configured at tenant level for VLAN are lost

cat and grep command for rst messages

iControl for Gtm wideip

Telemetry streaming to Elasticsearch

Portal Access to HTTPS resources slow

Related Content

Client SSL Profile

Fall back IP

SSL Profiles

Server Profile SNI

SSL PROFILE - How to use multiple SSL Profile Client in Virtual Server