For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Brandon's avatar
Brandon
Icon for Cirrostratus rankCirrostratus
Mar 22, 2019

LTM LogConnection error: ssl_null_parse:3167: record length too large (22)

Has anybody seen this issue?   Running 13.1.0.7 Log Level Warning Connection error: ssl_null_parse:3167: record length too large (22)   I found this article but it doesnt apply to 13.1.0.7 K...
application delivery
BIG-IP
LTM
Brandon's avatar
Brandon
Icon for Cirrostratus rankCirrostratus
May 20, 2019

I opened a ticket with F5 Support. One of our VIPs had a server side ssl profile "serverssl-insecure-compatible".

 

I remove the profile

 

We have this virtual server using "serverssl-insecure-compatible"

https://support.f5.com/csp/article/K13214

 

Support Engineer also added

"The following table lists the ciphers used in the serverssl-insecure-compatible SSL profile in BIG-IP 13.0.0 - 13.1.0"

 

Adding "!DHE:!ECDHE:" may prevent those messages from happening.