Forum Discussion

Nimbostratus

Apr 16, 2010

SSL Protocol Question

Before pursuing a potentially fruitless experiment, I thought I'd ask first. This is about the SSL/TLS protocol. Given: 1. A client with a valid certificate (issued to each user) -- C 2. A server wit...

config

design

hoolio

Cirrostratus

Apr 22, 2010

The major issue I see with this is that I think it would require renegotiating the SSL handshake mid-session. Doing so would mean you'd have to leave yourself open to the recent SSL renegotiation vulnerability described here:

http://extendedsubset.com/?p=8

http://www.links.org/?p=780

http://www.ietf.org/mail-archive/web/tls/current/msg03928.html

If this doesn't frighten you away from the solution, I can try testing a rough example (or at least try to put it down in psuedo code. Let me know what you think.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Protocol Question

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

F5 rSeries || Upgrade tenant

Round-robin method not load balanced

F5 AI Roadmap

F5 object groups in AFM

F5 BGP Peering in Active /Standby Cluster

Related Content

F5 MCP(Model Context Protocol) Server

SSL protocol mismatch

Proxy Protocol v2 Initiator

Capture SSL Profile Protocol Stats - Bash

Remote Desktop Protocol (RDP) using an SSL VPN

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS