Forum Discussion

Spidey_29396's avatar
Spidey_29396
Icon for Nimbostratus rankNimbostratus
Feb 24, 2016

how to validate what cipher has been used in SSL transaction

Hi All,

 

Just want to confirm on how we can validate if cipher used in ssl transaction is RSA?

 

Thanks!

 

application delivery
BIG-IP
security
  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Feb 24, 2016

    Or you can use:

    when CLIENTSSL_HANDSHAKE { 
log local0. "CLIENTIP [IP::client_addr] SSL Cipher: [SSL::cipher name]"
 }
  • David_Stout's avatar
    David_Stout
    Icon for Nimbostratus rankNimbostratus
    Feb 24, 2016

    I used an iRule to log this and then tailed the ltm log file

    when HTTP_REQUEST {

    if { [info exists logged] && $logged == 1 }{
         Do nothing. Already logged for this connection
    } else {
        set logged 1
        log "Rule CIPHER_logging fired, from [IP::remote_addr] to vip [IP::local_addr] Cipher [SSL::cipher name]:[SSL::cipher version]:[SSL::cipher bits] Client:[HTTP::header "User-Agent"]:[HTTP::host]"
    }
}
  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Icon for Nacreous rankNacreous
    Feb 24, 2016

    Or you can use:

    when CLIENTSSL_HANDSHAKE { 
log local0. "CLIENTIP [IP::client_addr] SSL Cipher: [SSL::cipher name]"
 }