Forum Discussion
Andrei_Popiste1
Jan 17, 2011Nimbostratus
SSL serverside cipher mismatch
In a hardware-based 10.2(+HF2) LTM installation, LTM cannot negotiate cipher with an IIS6 server (ssldump reports a TCP close sequence after client hello).
Default https monitor reports TLS...
hooleylist
Jan 18, 2011Cirrostratus
Hi Andrei,
Are you testing an issue with an HTTPS monitor or load balanced traffic through a VS or both? Does the monitor succeed with TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA?
Can you try using the insecure ciphers server SSL profile just to test?
sol11624: Change in Behavior: The default BIG-IP SSL profiles no longer include DES-CBC-SHA and ciphers containing the MD5 hash
http://support.f5.com/kb/en-us/solutions/public/11000/600/sol11624.html
sol11631: SSL ciphers used in the clientssl-insecure-compatible and serverssl-insecure-compatible SSL profiles
http://support.f5.com/kb/en-us/solutions/public/11000/600/sol11631.html
Aaron
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects