For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Spidey_29396's avatar
Spidey_29396
Icon for Nimbostratus rankNimbostratus
Feb 24, 2016
Solved

how to validate what cipher has been used in SSL transaction

Hi All,   Just want to confirm on how we can validate if cipher used in ssl transaction is RSA?   Thanks!  
application delivery
BIG-IP
security
  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Feb 24, 2016

    Or you can use:

    when CLIENTSSL_HANDSHAKE { 
log local0. "CLIENTIP [IP::client_addr] SSL Cipher: [SSL::cipher name]"
 }
David_Stout's avatar
David_Stout
Icon for Nimbostratus rankNimbostratus
Feb 24, 2016

I used an iRule to log this and then tailed the ltm log file

when HTTP_REQUEST {

    if { [info exists logged] && $logged == 1 }{
         Do nothing. Already logged for this connection
    } else {
        set logged 1
        log "Rule CIPHER_logging fired, from [IP::remote_addr] to vip [IP::local_addr] Cipher [SSL::cipher name]:[SSL::cipher version]:[SSL::cipher bits] Client:[HTTP::header "User-Agent"]:[HTTP::host]"
    }
}