Forum Discussion
NimbostratusIrule to redirect traffic from TLSv1.0 to TLSv1.2 ?
Is there any way we can redirect the traffic from TLSv1.0 to TLSv1.2 in order to connect outside Database connection which accepts only TLSv1.2 connection .
Samir_Jha_52506Noctilucent
Not Very much sure about iRule but can apply Client n Server SSL profile(SSL Bridge) to VIP and see if it works for you(
).NON Production only
mahi7_362276f5_rock can you please explain or provide a document how it is done.. Thanks in Advance
- Samir_Jha_52506
Please try in Non-prod environment as I haven't validated so far.
F5 Server SSL profile enables the BIG-IP system to initiate secure connections to your SSL servers by using a fully SSL-encapsulated protocol and providing configurable settings for managing server-side SSL connections.
So, We will apply certificate on server and create two profile(Client n Server SSL) on F5. Make sure you will disable TLS1.0, SSLv1, SSLv2 on Server SSL profile.
User --> VIP > Profiles > ClientSSL <--> ServerSSL > Server.
Hope you understand me. Paste if any question.
NUT2889Cirrostratus
Hi,
Not sure about you meaning for redirect from TLS1.0 to TLS1.2. But normally if you configure the F5 as SSL Re-encryption. You can configure options list under client ssl profile by disable TLSv1.1, TLSv1.2 and leave the default for server ssl profile.