Forum Discussion
Andrei_Popiste1
Jan 19, 2011Nimbostratus
Testing both (monitor & vs): default https monitor using DEFAULT:+SHA:+3DES:+kEDH succeeds with TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA, server-side SSL handshake of VS fails (SERVERSSL_HANDSHAKE event never reached, ssldump shows only client (f5) hellos followed by real server's TCP FIN.
In server SSL profile used for vs I tried several combinations: DEFAULT:+EDH, COMPAT, ALL - with ALL, only
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
are sent from f5 to server. I tried also the default serverssl-insecure-compatible.
I wonder if default monitor is implemented using openssl libraries.