Forum Discussion
boneyard
MVP
MVPssl::renegotiate changes SSL session ID and makes it impossible to resume?
when calling ssl::renegotiate (in v11.2 / 11.3) it seems that the SSL session ID changes (very slightly, gets +1 somewhere near 2/3s) and can't be used anymore by new resume requests that request in ...
boneyardMVP
MVPim doing the usual requesting a client certificate from the irule without having the put the ssl client side profile on request.
because of the failure to request the new SSL session id certain tcp session are using a different SSL session id which isn't authorized within the irule to access the protected resources.
this can be solved with using a cookie, but i just want to understand why the F5 doesn't honor the request for an, in my opinion, valid SSL session id.
