Marvin's avatar
Marvin
Icon for Cirrocumulus rankCirrocumulus
Nov 16, 2022

Hi Graham, my client is working for a while with this solution but seems they have an issue with version 15.1.x , using your iapp and only the ADFS proxy checkbox on the VS for one ADFS virtual server we see that the clientssl handshake is not being send to the ADFS server with the default setting SSL renegotiation disabled and we see this error in ltm logs

Self-initiated renegotiation attempted while renegotiation disabled: /Common/t-ADFS-proxy_client-ssl

When enabling renegotiation in clientssl profile it works.

We do have another virtual server with the renegotiation disabled and there the clientssl hello is being send normally to ADFS server, what are your thoughts on the ADFS and renegotiation settings required and do you have any idea what is happening here?

The iapp created the clientssl profile with clientssl-secure as parent and the renegotiation is disabled and in serverssl it is enabled