Forum Discussion
F5 Server SSL Profile using TLS 1.0 instead of TLS 1.2
- Jan 31, 2020
Hi all.
I found the root cause. The problem was related to the .NET app using SNI. By default the F5 doesn't do that.
https://devcentral.f5.com/s/articles/ssl-profiles-part-7-server-name-indication
So basically I just followed the fix in the above article, I defined a server name and the backend service started sending Server Hello etc. Everything works fine now!
Thank you all for your responses, as quite a few of them were helpful on identifying that the issue is with the app, and I could also spot a few things that were not proper on the negotiation part.
Hi pstavr,
Is this issue resolved? i have the same problem with this.
What solution do you use to improve from the F5 side?
Thanks
Hi Bonow.
Yes, it was happening because the backend servers required SNI support. I have posted an article above from F5 where you can see the solution.
- BobowApr 03, 2020Cirrus
Well noted. Thank You Bro!
- jaikumar_f5Apr 06, 2020MVP
, did your issue resolve. The reason I ask is, there are multiple scenarios where this could happen. One such is shared above, its not that yours could also be as same as above. If its same and issue is fixed. Good to know...
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com