For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ask_me_anytime_'s avatar
ask_me_anytime_
Icon for Nimbostratus rankNimbostratus
Apr 15, 2010

ServerSSL - SERVERSSL_HANDSHAKE not triggered on certificate check failiure ??

Hello,   during serverSSL handshake, i'm trying to log messages when pool member server ssl certificate is invalid (expired certificate ) and BIGIP rejects it.   In the serverssl profile, i set...
application delivery
dev
devops
iRules
ask_me_anytime_'s avatar
ask_me_anytime_
Icon for Nimbostratus rankNimbostratus
Apr 15, 2010

hi,

 

 

when I set the serverssl profile's "server certificate" item to "Ignore", the event is not triggered in my lab.

 

 

maybe, i should try to validate the server cert in iRule and reject the connection for invalid certs, you suggested..

 

I will try to work on that..

 

Have you ever written a similar irule, before( do the cert check,validation in irule) ? if ,so please share..just to avoid reinventing the wheel..

 

 

thanks,