Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

Is there a way on F5 to disable rsa_pss* signature algorithms?

Dez
Nimbostratus
Nimbostratus

‎07-Dec-2020 10:12

I am having an issue with SSL decryption on my Palo Alto firewall in front of F5. It works with Internet Explorer, but not Firefox or Chrome. According to Palo Alto TAC, the issue is certain signature algorithms - see https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PMR7CAO

 

Is there a way on F5 to disable rsa_pss* signature algorithms?

Labels:
0 Kudos
1 REPLY 1

jaikumar_f5
MVP
MVP

‎08-Dec-2020 01:01

Yes this is doable from what I've learnt from articles. For this your Bigip needs to be on 14.x or above.

Beginning in 14.x you have the option to use Cipher Rule, where you can specify the list of signature algorithm for negotiation's.

 

Other than that, I dont see a method to achieve this.

0 Kudos
Copyright © 2023 Khoros, LLC