Forum Discussion

Nimbostratus

Jan 17, 2011

SSL serverside cipher mismatch

In a hardware-based 10.2(+HF2) LTM installation, LTM cannot negotiate cipher with an IIS6 server (ssldump reports a TCP close sequence after client hello). Default https monitor reports TLS...

config

design

Andrei_Popiste1

Nimbostratus

Jan 19, 2011

Thank you for the promptitude of your answer.

tmm --serverciphers 'COMPAT' | grep DHE returns only DHE-RSA-, not DHE-DSS-.

Since I have no access to server, I suspect that real server's certificate was issued using stock Microsoft Base CSP not Microsoft RSA SChannnel Cryptographic Provider.

Thank you for your time and support.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL serverside cipher mismatch

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Front azure traffic from F5 LTM onpremises

Failed to set RDP launch token timeout

AWAF - Do not log Geolocation violations from the Event Log

Load Balancing IIS Servers

remove www from domain

Related Content

Cipher suite mismatch advertisement/warning

SSL protocol mismatch

Serverside SNI injection iRule

Display a warning on client browser when cipher suite mismatch

Cipher Suite Practices and Pitfalls

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS