How Proxy SSL works on BIG-IP
Published Sep 04, 2019
Version 1.0Was this article helpful?
One small typo in the Cipher Suite format diagram.
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
The hashing function in the cipher suite represents either MAC or PRF (Pseudo Random Function) depending on the cipher. For AES_GCM, it represents PRF, because AES_GCM is an AEAD cipher which has inbuilt MAC functionality called GHASH. Thus it does not need a separate MAC algorithm.