For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

ab7's avatar
ab7
Icon for Nimbostratus rankNimbostratus
Jul 11, 2024

SSL authentication bypass on XC cloud F5

We have managed engine agent-based application which run over https protocol, every agent has unique self-signed certificate. Normally when connection is got initiated at that time agent certificate ...
cloud
security
  • ab7's avatar
    ab7
    Icon for Nimbostratus rankNimbostratus
    Jul 12, 2024

    the query is for Cloud F5 XC WAF

    • Nikoolayy1's avatar
      Nikoolayy1
      Icon for MVP rankMVP
      Jul 22, 2024

      If you are doing a decryption on the F5 XC HTTP LB the XC WAF will not block you because of an SSL cert. Maybe review better the reason for the issue.

       

      You can bypass the WAF also in service policies with more granularity like source IP , HTTP Header and bgp ASN:

       

      Service Policy | F5 Distributed Cloud Tech Docs