Forum Discussion
How to identify the default SSL key used in SSL bridging?
I have configured SSL bridging for an application, and clients are reporting connectivity issues. I'm trying to decrypt the traffic to identify the issues. I tried to decrypt the traffic from F5 to the back-end node using the following command. However, I'm confused about which default server key I have to refer to here.
ssldump -AdenN -k -r /var/tmp/test.pcap > /var/tmp/test_decrypt.dump
The file location
/config/filestore/files_d/Common_d/certificate_key_d/
contains too many keys whose names start with 'default'.
Can someone let me know how to identify the name of the key that SSL bridging will consider in this case?
- IainThomson85_1
Cumulonimbus
If you've got SSL Offload on the device, the key you'll want to use is the key associated with the Server SSL Profile.
If the F5 isn't involved in the SSL handshake, i.e. it's SSL "Passthrough" and is a FastL4/Forwarding VIP, you won't see the SSL handshake and therefore won't be able to decrypt the packets...
- newf5learner
Nimbostratus
Hi Thomson,
It's a standard VIP with SSL bridging and with the default server SSL profile.
As it would be a full proxy connection.
client <-----client ssl profile -----> F5 <------server ssl profile--------> server
To my understanding, if the server SSL profile has no specific certificate and key attached, F5 is going to use F5's default SSL certificate and key to complete the handshake. Correct me if I'm wrong.
As there are too many default SSL certificates and keys, I'm not able to identify which one would be used to complete the SSL handshake between F5 and the server.
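An added example, not part of any post in this thread: ssldump's -k option needs the private key that belongs to the certificate presented in the captured handshake, so one way to pick among many similarly named key files is to compare public keys. The script assumes that certificate has been saved as a PEM file and that the key files are unencrypted PEM; the function names and the paths in the usage comment are illustrative.

```shell
#!/bin/sh
# Added example: find which private key file matches a given certificate.
# Usage (paths are placeholders): sh find_key.sh server_cert.pem /path/to/key_dir

# Print the PEM public key embedded in a certificate (empty on failure).
cert_pubkey() {
    openssl x509 -in "$1" -noout -pubkey 2>/dev/null </dev/null
}

# Print the PEM public key derived from a private key file. The empty
# -passin value stops openssl from prompting; encrypted or non-key files
# simply yield no output and are skipped by the caller.
key_pubkey() {
    openssl pkey -in "$1" -pubout -passin pass: 2>/dev/null </dev/null
}

# find_matching_key CERT DIR
# Prints every file in DIR whose public key equals the one in CERT.
# Exit status: 0 = at least one match, 1 = no match, 2 = unreadable cert.
# The body is a subshell "( )" so its variables do not leak to the caller.
find_matching_key() (
    cert=$1
    dir=$2
    rc=1
    want=$(cert_pubkey "$cert") || true
    if [ -z "$want" ]; then
        echo "cannot read certificate: $cert" >&2
        exit 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        have=$(key_pubkey "$f") || true
        # Compare only when a key was actually parsed, so two parse
        # failures can never count as a match.
        if [ -n "$have" ] && [ "$have" = "$want" ]; then
            printf '%s\n' "$f"
            rc=0
        fi
    done
    exit "$rc"
)

# Run only when called with the two arguments described above.
if [ "$#" -eq 2 ]; then
    find_matching_key "$1" "$2"
fi
```

An exit status of 1 means none of the files in the directory holds the private key for that certificate, in which case the key has to be obtained from the system that presented the certificate.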