Forum Discussion
SSL Cipher error in ltm logfile "Cipher XX:Y negotiated is not configured in profile <sslprofilename>"
- Nov 07, 2013
I don't believe that cipher message is going to map to a specific cipher and I've only ever seen it when the Proxy SSL is configured. Is that a feature you've enabled?
Enabling debug logging for SSL might help, just remember to set it back when done.
tmsh modify sys db log.ssl.level value debug
tmsh modify sys db log.ssl.level value warning
Just a guess; Proxy SSL is enabled and the backend server is using a cipher which isn't in BIG-IP's DEFAULT cipher list. Just some additional background:
http://support.f5.com/kb/en-us/solutions/public/13000/300/sol13389.html
Yeah, I want to pass the traffic straight through (for what are likely dumb reasons, I can't terminate SSL on the BIG-IP due to the way Apache is configured on Server B - it's a server I don't run, is old, and needs to do its own SSL stuff, apparently). I guess I'll play with other configurations that don't use the Proxy SSL feature and see where I end up. Thanks again. - Joe
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com