For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

NiHo_202842's avatar
NiHo_202842
Icon for Cirrostratus rankCirrostratus
Aug 26, 2016

iRule event for SSL handshake fail?

Hi,   is there a way to detect that the client does not support any of the clientssl ciphers? I would like to show a static page saying to upgrade their browser/OS. Thanks!   Regards  
iRules
LTM
security
Hamish's avatar
Hamish
Icon for Cirrocumulus rankCirrocumulus
Aug 26, 2016

Mm... If the SSL negotiation fails, how is the client going to show the page to the user?

 

You'd have to let the SSL/TLS complete with a lower encryption and then redirect IF the encryption wasn't one of the allowed ones...

 

There used to be a fairly simple rule around on codeshare for this, but I just stumbled on a newer one from GavinW Friendly SSL Page which you change the encryption from required to request and then redirect if you don't get the 'required' encryptions...