Forum Discussion
NimbostratusTLS version 1.0 on Client side and TLS version 1.2 on Server side
Hi All,
I'm hoping you can help me with configuration of ssl profiles on the LTM.
We have a legacy java application that can only establish TLS 1.0 outbound connections, but the server it's trying to establish connections to will only accept a minimum of TLS 1.2.
We don't need to decrypt the traffic, just to enforce TLS 1.2 on the server side.
How would you configure the clientssl/serverssl profiles for this?
Many thanks for your help!
SJJust to add we are on BIG-IP version 15. We don't have SSL Orchestrator or SSL Forward Proxy license.
- Mayur_Sutare
MVP
As client side SSL and Server side SSL works independently for maintaining SSL session between client & F5 and between F5 and backend server respectively, so your requirement should work.
To configure SSL profiles, you need to disable and/or enable required TLS version under client and server ssl profiles under advance tab--> ciphers options list. here by selecting Cipher group and enable desired TLS versions under options list. If you are selecting Cipher Suits option, then you can define specific cipher suits under the provided field. e.g. DEFAULT:!TLSv1:!TLSv1_1 This is example of cipher suits for your reference. This given cipher suit will block TLS1.0 and TLS1.1 versions. You can even apply specific encryption, key parameters under cipher suit along with keyword used for blocking TLS versions.
Hope it helps!
Mayur Sutare
- SJ
Hi Mayur,
Thanks very much for your response!
I followed your advice and on the serverssl profile I blocked TLS v1/1.1 with DEFAULT:!TLSv1:!TLSv1_1:!ECDHE_ECDSA , I added the exclude for ECDHE just to test if this was working.
I verified what ciphers this would include first:
[xxxxxxbigip] log # tmm --serverciphers 'DEFAULT:!TLSv1:!TLSv1_1:!ECDHE_ECDSA'
ID SUITE BITS PROT CIPHER MAC KEYX
0: 49199 ECDHE-RSA-AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 ECDHE_RSA
1: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 AES SHA ECDHE_RSA
2: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 AES SHA256 ECDHE_RSA
3: 49200 ECDHE-RSA-AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 ECDHE_RSA
4: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 AES SHA ECDHE_RSA
5: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 AES SHA384 ECDHE_RSA
6: 156 AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 RSA
7: 47 AES128-SHA 128 TLS1.2 AES SHA RSA
8: 47 AES128-SHA 128 DTLS1 AES SHA RSA
9: 60 AES128-SHA256 128 TLS1.2 AES SHA256 RSA
10: 157 AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 RSA
11: 53 AES256-SHA 256 TLS1.2 AES SHA RSA
12: 53 AES256-SHA 256 DTLS1 AES SHA RSA
13: 61 AES256-SHA256 256 TLS1.2 AES SHA256 RSA
14: 65 CAMELLIA128-SHA 128 TLS1.2 CAMELLIA SHA RSA
15: 132 CAMELLIA256-SHA 256 TLS1.2 CAMELLIA SHA RSA
16: 158 DHE-RSA-AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 EDH/RSA
17: 51 DHE-RSA-AES128-SHA 128 TLS1.2 AES SHA EDH/RSA
18: 51 DHE-RSA-AES128-SHA 128 DTLS1 AES SHA EDH/RSA
19: 103 DHE-RSA-AES128-SHA256 128 TLS1.2 AES SHA256 EDH/RSA
20: 159 DHE-RSA-AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 EDH/RSA
21: 57 DHE-RSA-AES256-SHA 256 TLS1.2 AES SHA EDH/RSA
22: 57 DHE-RSA-AES256-SHA 256 DTLS1 AES SHA EDH/RSA
23: 107 DHE-RSA-AES256-SHA256 256 TLS1.2 AES SHA256 EDH/RSA
24: 69 DHE-RSA-CAMELLIA128-SHA 128 TLS1.2 CAMELLIA SHA EDH/RSA
25: 136 DHE-RSA-CAMELLIA256-SHA 256 TLS1.2 CAMELLIA SHA EDH/RSA
26: 4865 TLS13-AES128-GCM-SHA256 128 TLS1.3 AES-GCM NULL *
27: 4866 TLS13-AES256-GCM-SHA384 256 TLS1.3 AES-GCM NULL *
Then I've just done SSLDump and I see the following:
New TCP connection #1: x.x.x.x(50884) <-> x.x.x.x(443)
1 1 0.0023 (0.0023) C>SV3.3(199) Handshake
ClientHello
Version 3.3
random[32]=
5f 34 07 21 bb 19 13 72 4d bf 49 3f de e5 13 80
dc 25 6e 09 85 2a ee 2f 68 73 96 1f 2f e4 c6 8e
cipher suites
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
.............output ommitted.................
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
compression methods
NULL
extensions
server_name
status_request
supported_groups
ec_point_formats
signature_algorithms
signature_algorithms[18]=
xxxxxxxxxxxx*output omitted************
SessionTicket
application_layer_protocol_negotiation
extended_master_secret
Unknown extension (0x18)
renegotiation_info
1 2 0.0032 (0.0009) S>CV3.3(91) Handshake
ServerHello
Version 3.3
random[32]=
xxxxxxxxxxxx*output omitted************
session_id[32]=
xxxxxxxxxxxx*output omitted************
cipherSuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
compressionMethod NULL
extensions
renegotiation_info
ec_point_formats
extended_master_secret
1 3 0.0032 (0.0000) S>CV3.3(956) Handshake
Certificate
1 4 0.0032 (0.0000) S>CV3.3(333) Handshake
ServerKeyExchange
ServerKeyExchange[329]=
xxxxxxxxxxxx*output omitted************
1 5 0.0032 (0.0000) S>CV3.3(4) Handshake
ServerHelloDone
1 0.0246 (0.0214) C>S TCP FIN
1 0.0247 (0.0000) S>C TCP FIN
Even though it's negotiating the right version (3.3) which I believe is TLS 1.2, according to my cipher list it shouldn't offer up ECDHE_ECDSA, which it does in the client hello. Then after the server hello there is just a TCP FIN from the client, so the handshake never completes.
I'll post a picture of the profile config
- SJ
This is the serverssl profile config - on the ciphers section
- SJ
On the clientssl profile, I've allowed a cipher suit of DEFAULT as this side can be TLS1 (from client to BIG-IP)
