Forum Discussion

Altostratus

Sep 18, 2019

SSL handshake fail after software upgrade from 12.1.2 to 13.1.1.5

we see lot many SSL handshake fail warnings in ltm logs for a cleint SSL enabled VIP traffic after software upgrade from 12.1.2 to 13.1.1.5,

Employee

Sep 18, 2019

Hi Mohan,

Does the client SSL profile use the "DEFAULT" cipher string? If it does then that may be the reason for the handshake failures. The default ciphers have changed between versions. For more information please take a look at the following article.

K13156: SSL ciphers used in the default SSL profiles (11.x - 13.x)

https://support.f5.com/csp/article/K13156

-Nathan F

Forum Discussion

SSL handshake fail after software upgrade from 12.1.2 to 13.1.1.5

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Software Upgrade

Knowledge sharing: F5 Software Upgrade/RMA process

SSL Profiles Part 1: Handshakes

TCP Internals: 3-way Handshake and Sequence Numbers Explained

6. SYN Cookie: Hardware vs Software