Forum Discussion

Nimbostratus

Mar 03, 2014

TLS Protocol Session Renegotiation Security Vulnerability Prevention

Hi Team, How to prevent TLS Protocol Session Renegotiation Security Vulnerability Issue ? We have LTM running on version 10x. Thanks and Regards Parveez

Cory_50405

Noctilucent

Mar 04, 2014

If you are going to apply a server SSL profile, then yes your server will need to be configured with a certificate and to accept SSL connections.

So it sounds like if your scanner is still finding the TLS renegotiation vulnerability after changing your client SSL profile to either 'require' or 'require strict', then it's a false positive.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

TLS Protocol Session Renegotiation Security Vulnerability Prevention

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

SSL Legacy Renegotiation vs Secure Renegotiation Explained using Wireshark

SSL Profiles Part 6: SSL Renegotiation

OpenSSH vulnerability

Mitigating Log4j Vulnerability using F5 BIG-IP

BYOEDR, Undetectable backdoor, WhoFi, Cyberattack to airline, and Clickjacking vulnerability

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS