Proxy SSL - 01260014:3: Cipher c028:5 negotiated is not configured in profile

Question

I am trying to configure proxy ssl for one of the virtual server but it is failing because the negotiated cipher is not supported on F5 -ECDHE-RSA-AES256-SHA384&nbsp;
How can i make it work with above cipher? I tried to add above in DEFAULT:ECDHE-RSA-AES256-SHA384 client and server ssl profile but it did not work.&nbsp;

yann_desmarest_ · Answer

Hi,&nbsp;
Those ciphers must be removed on the bakend server itself. Changing ciphers on F5 will not help when using Proxy SSL feature.&nbsp;

yann_desmarest · Answer

Hi,&nbsp;
Those ciphers must be removed on the bakend server itself. Changing ciphers on F5 will not help when using Proxy SSL feature.&nbsp;

nuruddin_ahmed_ · Answer

Hi,

i changed to ALL:ECDHE-RSA-AES256-SHA384 and it worked but for other clients its failing for other ciphers. I need to figure out a good cipher which can be hard coded on IIS. Thanks.

nuruddin_ahmed_ · Answer

Hi,

i changed to ALL:ECDHE-RSA-AES256-SHA384 and it worked but for other clients its failing for other ciphers. I need to figure out a good cipher which can be hard coded on IIS. Thanks.

Forum Discussion

Proxy SSL - 01260014:3: Cipher c028:5 negotiated is not configured in profile

4 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

OWA File Upload URIs for WAF Bypass

AST Configuration Assistance

SNMP Monitoring/OIDs for rSeries

iRule Pool member(s) offline or disabled

error code 503 redirect irule

Related Content

Understanding IPSec IKEv2 negotiation on Wireshark

Understanding IPSec IKEv1 negotiation on Wireshark

iRule to decode WebSocket negotiation and frames

wccp configuration for SSL Orchestrator

F5 BIG-IP Advanced WAF – DOS profile configuration options.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS