Forum Discussion
Tom_G__134358
Feb 14, 2014Nimbostratus
I tried with the string you suggested and it did not work.
I then did some trial and error and isolated the string which caused the failure.
Whenever I use !TLSv1.1, !TLSv1.2, !TLSv1_1 or !TLSv1_2, it fails.
It worked with the following string :
!SSLv2:!EXPORT:!DH:RSA+RC4:RSA+AES:RSA+DES:RSA+3DES:ECDHE+AES:ECDHE+3DES:@STRENGTH
The same string with
@SPEED
did not work.
I was surprised that the client hello was sent with protocol version 3.1 (TLS 1.0) whereas the actual connection to the server uses protocol version 3.3 (TLS 1.2) by default (if I don't specify !TLSv1_2 in the cipher string).
Obviously, the monitor does not use the same SSL implementation as the SSL server profiles ...
Thanks for your help Kevin !
Tom
PS: this is the behaviour on 11.4.1 HF2, I'll try 11.5.0 soon, I might get different results.