Forum Discussion

newf5learner_13's avatar
newf5learner_13
Icon for Nimbostratus rankNimbostratus
Apr 26, 2017

how to identify default ssl key used in ssl-bridging ?

I have configured ssl-bridging for an application, clients are reporting connectivity issues. I'm trying to decrypt the traffic to identify the issues. I tried to decrypt the traffic from F5 to the b...
application delivery
LTM
security
TMOS
IainThomson85_1's avatar
IainThomson85_1
Icon for Cumulonimbus rankCumulonimbus
Apr 26, 2017

If you've got SSL Offload on the device, the key you'll want to use is the key associated with the Server SSL Profile.

 

If the F5 isn't involved in the SSL handshake - I.e. its SSL "Passthrough" and is a FastL4/Forwarding VIP. you won't see the SSL handhsake and therefore won't eb able to decrypt the packets...

 

  • newf5learner's avatar
    newf5learner
    Icon for Nimbostratus rankNimbostratus
    Apr 26, 2017

    Hi Thomson,

    Its a standard VIP with ssl-bridging and with default server ssl profile.

    As it would be a fully proxy connection. 

    client <-----client ssl profile -----> F5 <------server ssl profile--------> server

    To my understanding, if the server ssl profile has no specific certificate and key attached F5 is going to use default F5's ssl certificate and key to complete the handshake. correct me if I'm wrong.

    As there are too many default ssl certificates and keys, I'm not able to identify which one would be used to complete ssl handshake between F5 and the server.