For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

nov1ce_120072's avatar
nov1ce_120072
Icon for Nimbostratus rankNimbostratus
Feb 26, 2013

SSL offloading

Hello,   I'm trying to test SSL offloading on F5 LTM VE (10.1.0 / 3341.1084).   My setup is pretty straight-forward -- one pool member running IIS 6 on 80/tcp with VS in the same network (I can...
config
design
nov1ce_120072's avatar
nov1ce_120072
Icon for Nimbostratus rankNimbostratus
Feb 26, 2013
Thank you. Here it is (I omitted html content for successful attempts):

 

 

Internet Explorer: http://pastebin.com/PgEMErsD (works OK)

 

Firefox: http://pastebin.com/uLeTF4y3 (I left it connecting during the tcpdump session and eventually, after some time, the webpage was loaded but corrupted (for example, without images, CSS and forms))

 

Chrome: http://pastebin.com/V2ih7bUy (never worked, timed out pretty quick)

 

 

1. Do your client certificates contain a CRLDP or AIA field, and if so are those accessible?

 

How can check this? I'm using self-signed certificate which was included with F5 LTM VE.

 

 

2. In Chrome, under Advanced Settings and HTTP/SSL, do you have "Check for server certificate revocation" checked?

 

It's unchecked.

 

 

3. In Firefox, in Options, Advanced, Encryption, then the Validation button, what do you have checked there?

 

Both options are unchecked.

 

 

Many thanks for your time.