Forum Discussion

PeterKoine_1630's avatar
PeterKoine_1630
Icon for Nimbostratus rankNimbostratus
Jan 22, 2015

Issue changing TLS version in HTTPS monitor

Hello everyone,   I am having troubles to change the cipher suite on a custom https monitor. Our client has turned off TLS v1.0 on their servers but each time I change the cipher option from DEFAU...
application delivery
availability
deployment
design
LTM
management
  • SynACk_128568's avatar
    SynACk_128568
    Jan 22, 2015

    Hi Peter ,

     

    https monitor uses openssl library and openssl flags sslv3 and tls1.0 same . So when you use DEFAULT:!SSLv3:!TLSv1 there are no ciphers left to negotiate .

     

    have you tried

     

    tmsh modify ltm monitor https monitor_name cipherlist TLSv1 or someother version .

     

    you can see openssl ciphers by using this command :

     

    openssl -v DEFAULT or some other setting in cipherlist in monitor https

     

Anesh's avatar
Anesh
Icon for Cirrostratus rankCirrostratus
Feb 06, 2015

@SynAck Did the change suggested by F5 fix the issue?