Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

ztan's avatar
ztan
Icon for Nimbostratus rankNimbostratus
Mar 03, 2025

Disable ssl or https for the embed url

I created the iApp application service using secure web gateway template, I noticed when we go the webpage, z-INTEL, that we can't load some chart and diagram from embed the https url, https://cdn.fu...
application delivery
Enes_Afsin_Al's avatar
Enes_Afsin_Al
Icon for MVP rankMVP
Mar 26, 2025

Hi Ztan,

Since the webpage is running SSL, disabling SSL or redirecting to http will not work.

The problem may be caused by SSL SNI. When I send request to cdn.fusioncharts website without SNI extension in Client hello package, I get reset packet. 

I am not sure if there is a configuration for SNI in the Secure Web Gateway configuration. The following article says the following: For SSL-encrypted traffic, select Use SNI in Client Hello (if SNI is not available, use Subject.CN) or Use Subject.CN in Server Cert.
https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-access-policy-manager-secure-web-gateway/per-request-policy-configuration-for-swg.html