Forum Discussion
JDamian
Nimbostratus
Nimbostratus[X509::whole [SSL::cert 0]] shows incomplete certficate
Hi In order to debug a problem regarding client certificates I added a line into a iRule for logging the certificate: log local0.info "ClientSide [IP::client_addr] - Certificate: [X509::whole [S...
JDamianNimbostratus
NimbostratusMy greater issue is that after my LB team upgraded a F5 BIG IP device to 16.1.3.4 some apps requiring client certificate stopped working properly from certain clients -- an iRule did the job of requiring the certificate for last 5 years.
We have narrow down the problem to .NET client connections because the same client requests from SOAP-UI or Java have no problem.
CA_Valli
MVP
MVPWas it a Major release upgrade?
First thing that comes to my mind in this scenario is that allowed/disallowed cipher suites might have changed. By any chance, do the clients that stopped working share some "legacy" SSL config?
v16 suites: https://my.f5.com/manage/s/article/K05134218
v15 suites: https://my.f5.com/manage/s/article/K86554600
v14 suites: https://my.f5.com/manage/s/article/K97098157