Forum Discussion

Nimbostratus

May 24, 2012

SSL Renegotiation on PEN Test???

Hi there We're currently getting some of our sites which are served through our F5's pen tested... Our F5's are currently running v11.1.0 HF2. The PEN test report has f...

security

jwham20

Nimbostratus

May 24, 2012

Also, since you're on 11.1.0, you should have:

http://tools.ietf.org/html/rfc5746 Transport Layer Security (TLS) Renegotiation Indication Extension

Which was the fix for the reneg issue. It might be that the Pen test did not check for the secure_renegotiation flag

You happen to know the tool they were using?

-Joshm

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Renegotiation on PEN Test???

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

How can I get started with iCall

Related Content

SSL Legacy Renegotiation vs Secure Renegotiation Explained using Wireshark

SSL Profiles Part 6: SSL Renegotiation

SSL renegotiation DOS mitigation

Re: SSL Renegotiation DOS attack – an iRule Countermeasure

SSL 3.0.7 - Unsafe legacy renegotiation disabled on client side

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS