Forum Discussion
JD1
Mar 05, 2015Altostratus
IIS 7 - SSL Client certificate set to "Accept" seems to force F5 SSL TCP RST.
Hi all,
I've just upgraded an 11.3.0 HF5 to 11.6.0 HF4 BIG-IP.
We've got a couple of IIS7 servers behind, which (for no apparent reason) the server admins configured the SSL Settings to "Ac...
Brad_Parker_139
Nacreous
It is very possible that the ciphers are no longer compatible. Could your server admins only be allowing SSLv3 and starting with 11.5 the"DEFAULT" cipher list doesn't include SSLv3?
https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13156.html
Brad_Parker_139
Mar 05, 2015Nacreous
Where does the SSL failure happen. Use tcpdump to gather the handshake failure. Which side is terminating the handshake? Do you have a certificate configured in your SSL server profile?
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects