Forum Discussion

rafaelbn_305907's avatar
rafaelbn_305907
Icon for Nimbostratus rankNimbostratus
May 06, 2018

ssldump first connection doesn't seem to transfer any data

Hello Devs! When a client connects using IEv11, the first and second TLS connections does not seen to transfer any data. The application is working just fine. I'm just curious about this... Here ...
application delivery
BIG-IP
LTM
security
rafaelbn_305907's avatar
rafaelbn_305907
Icon for Nimbostratus rankNimbostratus
May 06, 2018

Hello Blakely!

Yes. All three browsers behave the same. I think this could be the self-signed certificate. Since the browser is expecting the user to accept the security exception, it sends the reset to the server. When the client confirms the exception, the browser starts a new connection. Does that make sense to you?

If I connect from a linux box through "openssl s_client -connect 192.168.1.43:443", the ssldump is perfect!

Client ssl is as follows:

ltm profile client-ssl clientssl_lab.local {
    app-service none
    cert lab.local.crt
    cert-key-chain {
        lab.local_lab.local {
            cert lab.local.crt
            chain lab.local.crt
            key lab.local.key
        }
    }
    chain lab.local.crt
    ciphers DEFAULT
    defaults-from clientssl
    inherit-certkeychain false
    key lab.local.key
    passphrase none
    peer-cert-mode require
}

Thanks! Rafael