For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

nov1ce_120072's avatar
nov1ce_120072
Icon for Nimbostratus rankNimbostratus
Feb 26, 2013

SSL offloading

Hello,   I'm trying to test SSL offloading on F5 LTM VE (10.1.0 / 3341.1084).   My setup is pretty straight-forward -- one pool member running IIS 6 on 80/tcp with VS in the same network (I can...
config
design
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Feb 26, 2013
"How can check this? I'm using self-signed certificate which was included with F5 LTM VE."

 

- Nevermind. You're not using client certs and you're using the default server certs on the BIG-IP. Didn't catch that at first.

 

 

Okay, so it doesn't appear to be a validation/revocation issue. Do you not get certificate warnings with all of the browsers? Do you have any special cipher settings (or anything special) in your client SSL profile, or in your browsers?

 

 

Also, not sure this is related, as it talks about client cert, but take a look at this:

 

 

sol12313: The BIG-IP system responds with a full SSL handshake regardless of whether the client sends a session ID during SSL session renegotiation

 

http://support.f5.com/kb/en-us/solutions/public/12000/300/sol12313.html?sr=27615885

 

 

And ID 226971 from the 10.2.1 release notes

 

http://support.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote_10_2_1_ltm.html?sr=27616725