F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

adam88's avatar
adam88
Icon for Cirrus rankCirrus
Feb 04, 2020

Server Side SSL Working When I Expected it to Fail

Hi folks - I have a strange situation and I was hoping to understand better what is going on.   I have an older LTM, it's a Viprion chassis with a 2100 blade - both the chassis and the blade are ...
DevBabu's avatar
DevBabu
Icon for Cirrus rankCirrus
Feb 04, 2020

If you are using SSL profile, BIG-IP uses tmm ciphers. So, serverside SSL uses tmm ciphers.

To check tmm ciphers, from bash we can use command, tmm --serverciphers 'DEFAULT' or the ciphers you have specified in serverside profile. Similar command tmm --clientciphers 'DEFAULT'

 

In versions 11.x the monitors use openssl.

  • adam88's avatar
    adam88
    Icon for Cirrus rankCirrus
    Feb 04, 2020

    Oh! Does that mean that in versions 11.x, when the LTM tries to establish server side SSL connections it actually uses the TMM to initiate and not OpenSSL?

     

    And that only the monitors use OpenSSL to make the connection for health monitoring?

     

    This makes a lot of sense if it's the case 😄