Forum Discussion

SIP_354925's avatar
SIP_354925
Icon for Nimbostratus rankNimbostratus
Apr 03, 2018

Server SSL Profile

Can someone explain this in the server ssl profile properties. I thought that the BIG-IP was server cipher preference. So between the BIG-IP and server the BIG-IP is the client. But from the statemen...
ASM Advanced WAF
security
Kevin_K_51432's avatar
Kevin_K_51432
Historic F5 Account

Greetings,

 

I think the intent of this option is to cause BIG-IP to pause the client side SSL connection, handshake with the server, get the server's cipher and then negotiation with the client using that cipher. However, I don't believe this option works based on this article which probably needs an update:

 

https://support.f5.com/csp/article/K12390

 

Hope this is helpful!

 

Kevin

 

SIP_354925's avatar
SIP_354925
Icon for Nimbostratus rankNimbostratus
Apr 05, 2018

Thanks!!