Forum Discussion
Forcing full ssl handshake
Hi guys,
I got serverside ssl working between F5 and two poolmembers. We have come across a requirement in which we need to have all ssl sessions to be negotiating via a full ssl handshake.
Does anyone know how I can make it do full ssl handshake for each and every session? Currently the F5 is doing a full ssl handshake at the start. Then resume handshakes are used for each and every session between F5 and pool member after the full handshake.
2 Replies
- JG
Cumulonimbus
Would the following do it for you:
-
Disable oneconnect;
-
Set cache size to 0 and enable "Strict Resume" in your SSL profile
?
But your service will be crawling after this. :-)
-
i doubt it will be crawling.
you could also just close the SSL and TCP session from an irule at the point when it is needed.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com