Low SSL ciphers Message to the Client

Question

Hi Folks,
I have a vs that also an old clients with low ssl ciphers suite level Consume.
before i increase the ciphers suite i want to send a popup message to the client for a one month with some warnning that and old os will not work....
how can i do it?

Thanks,

Aviv

spalande · Answer

Please note, this iRule is not tested but to get you started you can use something like below.  when RULE_INIT {
set static::notification_page { 
&lt;html&gt;
&lt;head&gt;
&lt;meta http-equiv="Refresh" content="10; url=https://www.site.com" /&gt;
&lt;/head&gt;
&lt;body&gt;&lt;p&gt;&lt;center&gt;You are using old TLS settings. Please upgrade them to continue your access -&lt;a href="https://www.site.com"&gt;You are being redirected to original site&lt;/a&gt;.&lt;/center&gt;&lt;/p&gt;
&lt;/body&gt;
&lt;/html&gt;
  }
}
&nbsp;
when CLIENTSSL_HANDSHAKE {
    if { ( [SSL::cipher name] contains "RC4" ) }{
        set old_tls 1
    } else {
        set old_tls 0
    }
}
when HTTP_REQUEST {
    if { ($old_tls == 1) and (not [HTTP::cookie exists NotificationDone])} {  
        HTTP::respond 200 content [subst $static::notification_page] "Mime-Type" "text/html" "Set-Cookie" "NotificationDone=1; path=/; domain=[HTTP::host]"
        TCP::close
    } else {
         return
    }
}

Forum Discussion

Low SSL ciphers Message to the Client

Recent Discussions

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

FTP PASV mode to Extended Passive mode

Oracle JDBC SSL Termination failing on F5

APM for banner and cert

An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

Related Content

Load Balancing TCP TLS Encrypted Syslog Messages

Cipher Suite Practices and Pitfalls

LTM Cipher rule

Disabling Specific Weak Cipher Suites

Cipher Suites Supported (12.1.5.3)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS