Forum Discussion

Nimbostratus

Apr 07, 2014

OpenSSL and Heart Bleed Vuln

Get the latest updates on how F5 mitigates Heartbleed Hi Team, I know this question is eventually going to be asked - I may as well do it. With the news today about the Heartblee...

Historic F5 Account

It's quite possible to work this out logically: Ref: http://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html

There are ciphers which exist in Native but not in Compat.
YOu can specify "NATIVE:COMPAT" as a cipher string
Therefore, the stack used depends on which cipher is in use, with the natural preference being for NATIVE.

What_Lies_Bene1

Cirrostratus

Apr 08, 2014

Yes, OpenSSL supports ALL the NATIVE ciphers as well as the compat ones but obviously those ciphers are handled by TMM and the offload hardware. Your test isn't definitive unless you check the stats and confirm that your connection shows as native, not compat.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

OpenSSL and Heart Bleed Vuln

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Building an OpenSSL Certificate Authority - Creating Your Root Certificate

Building an OpenSSL Certificate Authority - Creating ECC Certificates

Building an OpenSSL Certificate Authority - Configuring CRL and OCSP

OpenSSL CVE-2022-3786 and CVE-2022-3602 or "The Critical that wasn't"

Building an OpenSSL Certificate Authority - Creating Your Intermediary Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS