For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

RobL216_235020's avatar
RobL216_235020
Icon for Nimbostratus rankNimbostratus
Oct 26, 2016

HTTPS iAPP not working with error message

We are currently using a BIG-IP 2000 LTM with a HTTP iApp configured to pass thorugh Http traffic to a pair of nodes for load balancing.

 

We have changed this to https using SSL pass-through. i.e. Encrypted traffic is forwarded with decryption.

 

However this does not work and we get an error form the client of: Turn on TLS 1.0, TLS 1.1 and TLS 1.2 in Advanced settings and try connecting to https://***.... again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite, such as RC4, which is not considered secure. Please contact your site administrator.

 

If we point directly to a node it works fine so I know the servers are set correctly.

 

Anyone know why the F5 is not passing through the https traffic?

 

Running version: BIG-IP 11.5.3 Build 2.0.196 Hotfix HF2

 

2 Replies

  • Jinshu's avatar
    Jinshu
    Icon for Cirrus rankCirrus
    Oct 26, 2016

    Is this VIP configured in SSL pass through for SSL offload?

     

    If it is SSL pass through, then, the VIP will be configured as forward type and there wont be any SSL settings on that.

     

    If it is on SSL offload, you might need to tewak the SSL settings to understand what is happening. Are you using default ciphers in SSL profile?

     

    -Jinshu