Forum Discussion

Altostratus

Feb 22, 2021

SSL handshake unsupported ciphers

Hi Team, I'm running a VS on port 443 and backend nodes on port 8080. ClientSSL and SERVERSSL is configured. The monitoring is generic tcp on 8080 and it's good too. There is a page in backe...

Altostratus

Mar 01, 2021

Hi Thanks for the reply,

I will compare with the server side ciphers, but i'm curious to understand how it is working for now. Because the handshake is rejected if I CURL from the F5, but the monitor is UP and clients are able to access the same page.

boneyard

MVP

Mar 01, 2021

well curl can use different ciphers then the big-ip health monitor. in your case you say the health monitor is tcp on 8080 so the health monitor isn't even using a cipher.

your client traffic will be handled by the server SSL profile, which can also use different ciphers or tls version then curl.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL handshake unsupported ciphers

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

ASM/AWAF declarative policy

Changes to DO and AS3 GitHub - no longer monitored

Help with SSH Virtual Server

GRE Tunnel Issue

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

Unsupported Snort Keywords in Protocol Inspection

unsupported certificate error with device certificates

Cipher Suite Practices and Pitfalls

SSL Profiles Part 1: Handshakes

TCP Internals: 3-way Handshake and Sequence Numbers Explained

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS