Forum Discussion

Nimbostratus

Mar 03, 2014

TLS Protocol Session Renegotiation Security Vulnerability Prevention

Hi Team, How to prevent TLS Protocol Session Renegotiation Security Vulnerability Issue ? We have LTM running on version 10x. Thanks and Regards Parveez

Cory_50405

Noctilucent

Mar 03, 2014

One thing I'll add is that enabling secure renegotiation on a server SSL profile will break connections if the server isn't patched accordingly. We encountered this for many different applications after upgrading to v11. In an ideal world, all servers would be patched for this renegotiation vulnerability, especially since it's been around for so long, but...

Something to keep in mind when upgrading.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

TLS Protocol Session Renegotiation Security Vulnerability Prevention

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

SSL Legacy Renegotiation vs Secure Renegotiation Explained using Wireshark

SSL Profiles Part 6: SSL Renegotiation

OpenSSH vulnerability

Mitigating Log4j Vulnerability using F5 BIG-IP

BYOEDR, Undetectable backdoor, WhoFi, Cyberattack to airline, and Clickjacking vulnerability

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS