For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ram_T_S's avatar
Ram_T_S
Icon for Altostratus rankAltostratus
Feb 23, 2021

SSL handshake unsupported ciphers

Hi Team,   I'm running a VS on port 443 and backend nodes on port 8080. ClientSSL and SERVERSSL is configured. The monitoring is generic tcp on 8080 and it's good too. There is a page in backe...
BIG-IP
LTM
security
Ram_T_S's avatar
Ram_T_S
Icon for Altostratus rankAltostratus
Mar 01, 2021

Hi Thanks for the reply,

I will compare with the server side ciphers, but i'm curious to understand how it is working for now. Because the handshake is rejected if I CURL from the F5, but the monitor is UP and clients are able to access the same page.

 

boneyard's avatar
boneyard
Icon for MVP rankMVP
Mar 01, 2021

well curl can use different ciphers then the big-ip health monitor. in your case you say the health monitor is tcp on 8080 so the health monitor isn't even using a cipher.

 

your client traffic will be handled by the server SSL profile, which can also use different ciphers or tls version then curl.