Forum Discussion

ghaidaF's avatar
ghaidaF
Icon for Nimbostratus rankNimbostratus
Feb 13, 2024

enable ASM (WAF) on VIP

Hello,  I create a new VIP, it request to add WAF on it. I tired to allow/disable ASM policy with HTTP Profile (Client): http & SSL Profile (Client) but I get error below: 400 Bad Request The p...
security
sandy16's avatar
sandy16
Icon for Altostratus rankAltostratus
Feb 13, 2024

Hi, you need to have client SSL Profile, Server SSL profile and HTTP Profile applied to the VIP. Make sure the client SSL profile includes the proper certificate/key pair of your FQDN. 

  • ghaidaF's avatar
    ghaidaF
    Icon for Nimbostratus rankNimbostratus
    Feb 14, 2024

    thank you for your quick response. 

    When I tried I get this error message, 

    An error occurred during a connection to 0.0.0.0 SSL received a record that exceeded the maximum permissible length.

    Error code: SSL_ERROR_RX_RECORD_TOO_LONG




    I'm think to remove SSL client as it exists same on backend side , i thought it is enough

    is there any solution to add Policy ( asm-waf) without choosing any protocol on  HTTP Profile ?
    I tried to chose none but it choose the below when i tried to add policy 

    : Web Security profile requires an HTTP profile to be associated with the virtual server