LTM TLS 1.3

Does LTM version 13.X support TLS 1.3? If yes, how do I check that and apply it to VS client SSL profiles?


Answers to this Question

USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

TLSv1.3 (final standard, i.e. RFC 8446) will be supported starting from BIG-IP v14.1.0.1 (and also in v15.0).

Comments on this Answer
Comment made 2 months ago by am.gli 228

Since some customers already ask - will TLSv1.3 be supported also on upcoming releases of v13.x later?

Problem is, some customers have VE Licences that are only capable of upgrading until v13.

If TLS1.3 is coming only for v15, this would mean that they need a completely new box/license?

Comment made 2 months ago by Saravanan M K

There is no plan to backport TLS 1.3 feature on v13.x.


TLS 1.3 is still not released.

Draft 26 was released on March 04, 2018


You can find the SSL/TLS protocols and cipher suites supported by F5 here: K13163: SSL ciphers supported on BIG-IP platforms (11.x - 13.x)

TLS 1.3 is not listed and, as Stanislas said, it is currently in draft; also, don't expect it to be supported until the majority of browsers have implemented it.

Comments on this Answer
Comment made 06-Mar-2018 by Ashu 62

Ok, thanks for the information. I asked because I heard from someone that F5 has already released it, and I installed the latest version BIGIP-13.1.0.3-0.0.5 and couldn't find that.

Thanks again to both of you.


Can I just upgrade the OpenSSL package to use TLS 1.3? And will TLS 1.3 be processed in hardware by the current BIG-IP model with NITROX III, or do I need the new iSeries model?

Thanks!

Comments on this Answer
Comment made 06-Mar-2018 by Jie 2732

Per previous posts, there is no implementation/support of TLS1.3 on BIG-IP, as the protocol standard is not finalised (in draft and not approved) yet. Some clients may have implemented a draft version and they may just stop working when a new draft is out.

If you do have a real need for this, and have a working client and an application with TLS1.3, you can pass the traffic on L4 through a BIG-IP device.


TLS 1.3 has just been approved by the IETF: https://techcrunch.com/2018/03/23/the-web-will-soon-be-a-little-safer-with-the-approval-of-this-new-security-standard/

It would be great to get a timeline when F5 intends to release a software update supporting TLS 1.3. Also, both Chrome and Firefox support TLS 1.3.

Chrome 65 supports TLS 1.3: https://www.chromium.org/Home/tls13

Firefox 52 supports TLS 1.3: https://groups.google.com/forum/#!topic/mozilla.dev.platform/sfeqeMkyxCI

Comments on this Answer
Comment made 26-Mar-2018 by Andy McGrath 2370

Both Chrome and Firefox support draft versions of TLS 1.3 up until now. Guess the next version of the browsers will support the final version and F5 will likely add support within the next major release.


As has already been commented above, TLS1.3 is now approved. Is there a real answer yet for a timeline for supporting it?

Comments on this Answer
Comment made 10-Apr-2018 by Andy McGrath 2370

Short answer: nope. F5 uses OpenSSL for a lot of SSL work, so the answer to your question is a question: when will OpenSSL 1.1.1 be released (which will support the final TLS 1.3 standard)?

That can be followed by another question: when will F5 view OpenSSL 1.1.1 as stable and add it to their next major release?

If you have a major project, I would go ask F5 via your reseller or F5 account manager, as they might be able to sort you out with early access or an engineering release, but I would guess this would take a while to sort.


With the DH and RSA ciphers marked down as weak and dinged by Qualys on PFS: a. How do we make the sites more secure, and b. How do we make sure clients that connect to the sites will not be impacted by taking out the weak ciphers and only supporting a handful of strong TLS 1.2 ciphers?

Are we left with many options here?


Thought this might be of interest to some: F5 Article TLS1-3 are you ready


@Saravanan

How does F5 BIG-IP handle Perfect Forward Secrecy in the client and server side profiles? TLS 1.3 supports ephemeral keys, and the keys can be changed midway during the SSL session. How would F5 BIG-IP be able to gain access to the ephemeral keys to decrypt the sessions? Any idea when we can get more details?

Comments on this Answer
Comment made 3 months ago by Kevin Stewart

laksh, you seem to be implying passive decryption, which isn't possible anyway. BIG-IP handles PFS as a function of the proxy architecture, terminating the TLS session on the client side, and initiating a separate TLS session on the server side.


Finally, BIG-IP v14.1.0.1 is released (on 23 Jan 2019). It has TLSv1.3 RFC version support.

Comments on this Answer
Comment made 2 months ago by wlopez 339

Is there any formal notification/documentation on this release supporting the final RFC version of TLSv1.3?

I haven't seen anything official on the website or the release notes.

We've been waiting on it to start testing the upgrades on our lab.

I know plenty of people eager to start supporting TLS 1.3 with the clients.

Comment made 1 month ago by Saravanan M K

@wlopez: Thanks for the alert. I will make sure that it gets documented. This release does support TLSv1.3 RFC version. I myself tested and confirmed.

Comment made 1 month ago by wlopez 339

I loaded the latest version (BIGIP-14.1.0.1-0.0.7.iso) on our lab. The openssl version on that release is "OpenSSL 1.0.2o-fips 27 Mar 2018".

Does that version of openssl include the final standard RFC for TLSv1.3?

According to openssl's website:

https://www.openssl.org/blog/blog/2018/09/11/release111/

"Since 1.1.1 is our new LTS release we are strongly advising all users to upgrade as soon as possible. For most applications this should be straight forward if they are written to work with OpenSSL 1.1.0. Since OpenSSL 1.1.0 is not an LTS release it will start receiving security fixes only with immediate affect as per our previous announcement and as published in our release strategy. It will cease receiving all support in one years time.

Our previous LTS release (OpenSSL 1.0.2) will continue to receive full support until the end of this year. After that it will receive security fixes only. It will stop receiving all support at the end of 2019. Users of that release are strongly advised to upgrade to OpenSSL 1.1.1.

The OpenSSL team will now be moving our focus to the next release which will see us developing a new FIPS module."

[root@bigip1:Active:Standalone] config # openssl version -a
OpenSSL 1.0.2o-fips  27 Mar 2018
built on: reproducible build, date unspecified
platform: linux-x86_64
options:  bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: gcc -I. -I.. -I../include  -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -I/home/f5cm/cm/bigip14.1.0.1/1082522/f5_build/devfs_x86_64/usr/include -DOPENSSL_NO_EC2M -Werror -m64 -O3 -DL_ENDIAN -Wall -fdebug-prefix-map=/home/f5cm/cm/bigip14.1.0.1/1082522/f5_build/devfs_x86_64/usr=/usr -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
OPENSSLDIR: "/etc/pki/tls"
engines:  dynamic tm_crypto rdrand
Comment made 1 month ago by Saravanan M K

@wlopez:

Does that version of openssl include the final standard RFC for TLSv1.3?

No.

When I said BIG-IP v14.1.0.1 supports the TLS 1.3 RFC version, I meant the TLS stack inside "tmm" (clientssl/serverssl profiles), not the openssl command line utility on BIG-IP.

Comment made 1 month ago by wlopez 339

So any TLSv1.3 tests that we run on version 'BIGIP-14.1.0.1-0.0.7.iso' will be against the RFC version of the protocol?

Thanks in advance for the clarification.

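The thread above turns on a distinction worth checking mechanically: the `openssl` binary on the BIG-IP shell (1.0.2o here) says nothing about what the TMM clientssl profile negotiates, and a test client's own OpenSSL must be 1.1.1 or later before a TLS 1.3 probe is meaningful. The following added example (not from the thread or from F5) parses an `openssl version` banner to decide whether that build can speak RFC 8446 at all, and probes a virtual server with Python's standard `ssl` module pinned to TLS 1.3 to report what is actually negotiated; the host name and port are placeholders, and the banner is the one wlopez pasted.

```python
import re
import socket
import ssl

# Sample banner taken from the BIG-IP 14.1.0.1 CLI output quoted above.
BIGIP_CLI_VERSION = "OpenSSL 1.0.2o-fips  27 Mar 2018"


def parse_openssl_version(banner: str) -> tuple:
    """Turn 'OpenSSL 1.0.2o-fips ...' into (1, 0, 2, 'o'); the letter may be empty."""
    m = re.match(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]*)", banner)
    if not m:
        raise ValueError(f"not an OpenSSL version banner: {banner!r}")
    major, minor, fix, letter = m.groups()
    return (int(major), int(minor), int(fix), letter)


def cli_can_speak_tls13(banner: str) -> bool:
    """Final-RFC TLS 1.3 (RFC 8446) arrived in OpenSSL 1.1.1; any 1.0.2x build cannot negotiate it."""
    return parse_openssl_version(banner)[:3] >= (1, 1, 1)


def probe_tls13(host: str, port: int = 443, cafile: str = None, timeout: float = 5.0) -> dict:
    """Handshake with TLS 1.3 pinned as both minimum and maximum version.

    Returns the negotiated protocol and cipher; a handshake failure means the
    virtual server (its clientssl profile) does not offer TLS 1.3 to this client.
    """
    if not ssl.HAS_TLSv1_3:
        raise RuntimeError("local OpenSSL is too old for TLS 1.3 (need 1.1.1 or later)")
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_3
    ctx.maximum_version = ssl.TLSVersion.TLSv1_3
    if cafile is None:
        # Lab virtual servers often carry self-signed certs; without a CA file the
        # probe checks only protocol negotiation, not the trust chain.
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        try:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return {"ok": True, "version": tls.version(), "cipher": tls.cipher()[0]}
        except ssl.SSLError as exc:
            return {"ok": False, "version": None, "error": str(exc)}


if __name__ == "__main__":
    verdict = "can speak TLS 1.3" if cli_can_speak_tls13(BIGIP_CLI_VERSION) else "tops out at TLS 1.2"
    print(f"{BIGIP_CLI_VERSION!r}: {verdict}")
    print(probe_tls13("vs.example.lab", 443))  # placeholder virtual server address
```

A successful probe prints `TLSv1.3` as the version; if the clientssl profile still disables TLS 1.3, the result carries the handshake error instead.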

In 14.1.0.1 I have TLS 1.3 RFC support.
