LTM Healt monitor decrypt ECDHE

Question

Is any method to decrypt LTM HealtMonitor from tcpdump that is using TLS1.2 and Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ?

iRule is not an option, because HealtMonitor is not traversing virtual server and act as a client to node Server.

ssldump does not support ECDHE session keys.

Server side tcpdump is not an option.

Certificate and private key from server side are available.

boneyard · Answer

the only way would be for the client (F5) or server (server) to output the session key.

for a health monitor im not aware of any way to make that happen, perhaps the server wants to?

my question is why? you can easily replicate the behaviour with a curl or openssl s_client from the big-ip, why does the health monitor traffic have to decrypted?

marg · Answer

Thank you for reply. Thats the case.&nbsp;cURL in F5 bash is working and converted to http healt monitor is not responding but that's another case

Forum Discussion

LTM Healt monitor decrypt ECDHE

Recent Discussions

BIG-IP Oauth Client and AS

F5 BOT DEFENSE AWAF blocked some legitimate browsers

Advice to partial rename uri path

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Submenus missing in ASM Security Tab

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

F5 Distributed Cloud - Regional Decryption with Virtual Sites

Decrypting TLS traffic on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS