Forum Discussion

richardgamboac1

Nimbostratus

Oct 10, 2019

serverssl and serverssl-insecure-compatible

I just want go deep about these two ssl servers profile, what are the difference?, when to use each one?.

richardgamboac1

Nimbostratus

Hi eaa,

Thank you for your response. I have two questions, please.

What unpatched clients means? And this field (secure-renegotiation) works for ssl client profiles too?.
If the back-ends servers have an insecure certificate created by itself (iis servers), do F5 needs the back-end servers certificate on server ssl profile or just need the server so-insecure-compatible profile?
thank you!

boneyard

MVP

Oct 13, 2019

unpatched means server that don't support secure renegotiation yet. and yes a similar option is available in the client side SSL profile.

with most default server SSL profile the certificate is not checked at all, so that will work by default. the secure renegotiation is not related to the certificate, it is related to renegotiation a session later on.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

serverssl and serverssl-insecure-compatible

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

serverssl-insecure-compatible for unsecure ports

Activate serverssl profile in iRule

SSL handshake failure using serverssl (F5 and Citrix Netscaler)

serverssl cipher suites

Did Serverssl profile require certificate?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS