TLS 1.3 and BIG-IP Virtual Edition - BEST
Has there been any changes in the way TLS 1.3 is configured in AWS BEST AMIs after 15.0.1.1 0.0.3 build. Same config works fine with no error on F5 BIG-IP Virtual Edition - BEST 15.0.1.1 0.0.3 and F5 BIG-IP Virtual Edition - GOOD 15.1.0.4 0.0.6 but not for F5 BIG-IP Virtual Edition - BEST 15.1.0.4 0.0.6.
I'm getting the below error:
curl -v -k https://20.0.5.25/30KB.htm
* Trying 20.0.5.25...
* TCP_NODELAY set
* Connected to 20.0.5.25 (20.0.5.25) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (OUT), TLS alert, Server hello (2):
* error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac
* stopped the pause stream!
* Closing connection 0
curl: (35) error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac