Forum Discussion

JAIME_QUIROGA_1

Icon for Nimbostratus rank

Nimbostratus

Oct 20, 2014

Solved

How do you select right chiper?

Hi I need you to help me, I have a problem with a virtual Server that uses SSL, I have captured traffic and I see that the client gives a fatal error, I think that the root cause of the error is...

application delivery

John_Heyer_1508
Dec 09, 2014
Cipher's aren't the problem - the capture shows you're negotiating the "DES-CBC3-SHA" cipher, which is the F5's default for SSLv3 clients. RC4-SHA and RC4-MD5 are also options for SSLv3 if the client doesn't support 3DES.

Instead, the issue here is actually with your certificate. It's SHA-2 signed, and SSLv3 only knows about SHA-1 and MD5. You'll need to have the CA re-issue the certificate in SHA-1 format. Note that it won't be possible to get SHA-1 certificates starting in about 2016, so you'll need to upgrade your application to support TLS before then.

Icon for Employee rank

Employee

Oct 21, 2014

if client and server (bigip) do not share cipher, i think bigip could send reset right away after getting client hello.

Troubleshooting TLS Problems With ssldump by George Watkins

https://devcentral.f5.com/articles/troubleshooting-tls-problems-with-ssldump

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Bram - January 2026 Featured Member

DevCentral News

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5