Forum Discussion

Jeff_Williams_4
Jun 24, 2014

Disable Supported Elliptic Curves Extension from server

Hi,

We see that our F5 load balancer running BIG-IP 11.5.1 Build 2.0.121 Hotfix HF2 is sending the extension for "elliptic curves" (id=10). For example, this is an extract from a debug using the command:

$ openssl s_client -tls1 -tlsextdebug -state -debug -connect server:443
...
TLS server extension "renegotiation info" (id=65281), len=1
0001 - 
TLS server extension "elliptic curves" (id=10), len=4
0000 - 00 02 00 17                                       ....
TLS server extension "EC point formats" (id=11), len=2
...

The problem is that the elliptic curves extension is a Client Hello extension and not a Server Hello extension according to http://tools.ietf.org/html/rfc4492. This causes some clients (in particular, versions of GNU TLS) to fail to connect. GNU TLS has been updated to tolerate this behaviour (https://www.gitorious.org/gnutls/gnutls/commit/45ec742d6db94b8a5aa2f4f1b3f560d948230e3b) but it is difficult for us to update the clients.

Is there a way to disable this extension on the load balancer?

Regards, Jeff
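As an added illustration (not part of the original thread, and not F5 or GnuTLS code): a small Python parser that walks the extension list of a TLS ServerHello and flags any extension that RFC 4492 defines for the ClientHello only, which is what the -tlsextdebug output above is showing. The ServerHello bytes are constructed here to mirror that extract (renegotiation_info, then the offending id=10 with body 00 02 00 17, then EC point formats); they are not a capture from a BIG-IP, the server random is zeroed, and the RSA cipher suite value is an assumption chosen to match the poster's RSA certificate.

```python
import struct

# IANA TLS ExtensionType values that appear in the extract above.
EXT_ELLIPTIC_CURVES = 10        # "elliptic curves" (supported_groups), RFC 4492 s.5.1.1
EXT_EC_POINT_FORMATS = 11       # "EC point formats", RFC 4492 s.5.1.2
EXT_RENEGOTIATION_INFO = 65281  # renegotiation_info, RFC 5746

# RFC 4492 lets a server echo only ec_point_formats (11) in its ServerHello;
# elliptic_curves (10) is defined for the ClientHello. A strict client treats
# an unexpected ServerHello extension as a fatal handshake error.
CLIENT_ONLY_EXTENSIONS = {EXT_ELLIPTIC_CURVES: "elliptic curves"}

# RFC 4492 NamedCurve ids; 0x0017 = 23 is the one in the extract.
NAMED_CURVES = {23: "secp256r1", 24: "secp384r1", 25: "secp521r1"}

TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F  # assumed RSA (non-ECDHE) suite for the example


def build_server_hello(cipher_suite, extensions):
    """Assemble a TLS 1.0 ServerHello record from constructed test data."""
    ext_bytes = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    hello = (
        struct.pack("!H", 0x0301)       # server_version TLS 1.0, as with -tls1
        + bytes(32)                     # server random (zeros: constructed data)
        + b"\x00"                       # empty session_id
        + struct.pack("!H", cipher_suite)
        + b"\x00"                       # compression_method: null
    )
    if extensions:
        hello += struct.pack("!H", len(ext_bytes)) + ext_bytes
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello  # type 2 = ServerHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_server_hello(record):
    """Parse one handshake record holding a ServerHello; return its fields."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    (rec_len,) = struct.unpack("!H", record[3:5])
    body = record[5:5 + rec_len]
    if len(body) != rec_len or body[0] != 0x02:
        raise ValueError("truncated record or not a ServerHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated handshake message")
    off = 0
    (version,) = struct.unpack("!H", hello[off:off + 2]); off += 2
    off += 32                                  # skip server random
    sid_len = hello[off]; off += 1 + sid_len   # skip session_id
    (cipher_suite,) = struct.unpack("!H", hello[off:off + 2]); off += 2
    off += 1                                   # compression_method
    extensions = []
    if off < len(hello):                       # extensions block is optional
        (ext_total,) = struct.unpack("!H", hello[off:off + 2]); off += 2
        end = off + ext_total
        if end != len(hello):
            raise ValueError("bad extensions length")
        while off < end:
            ext_type, ext_len = struct.unpack("!HH", hello[off:off + 4]); off += 4
            data = hello[off:off + ext_len]; off += ext_len
            if len(data) != ext_len:
                raise ValueError("truncated extension")
            extensions.append((ext_type, data))
    return {"version": version, "cipher_suite": cipher_suite, "extensions": extensions}


def decode_curve_list(data):
    """Decode an elliptic_curves body: uint16 list length, then uint16 curve ids."""
    (list_len,) = struct.unpack("!H", data[:2])
    if list_len != len(data) - 2 or list_len % 2:
        raise ValueError("bad elliptic_curves body")
    ids = struct.unpack("!%dH" % (list_len // 2), data[2:])
    return [NAMED_CURVES.get(i, "curve(%d)" % i) for i in ids]


def check_server_hello(record):
    """Return a finding for every client-only extension the server sent back."""
    findings = []
    for ext_type, data in parse_server_hello(record)["extensions"]:
        if ext_type in CLIENT_ONLY_EXTENSIONS:
            detail = decode_curve_list(data) if ext_type == EXT_ELLIPTIC_CURVES else data.hex()
            findings.append('server sent client-only extension "%s" (id=%d): %s'
                            % (CLIENT_ONLY_EXTENSIONS[ext_type], ext_type, detail))
    return findings


# Constructed to mirror the -tlsextdebug extract in the post.
F5_STYLE_SERVER_HELLO = build_server_hello(TLS_RSA_WITH_AES_128_CBC_SHA, [
    (EXT_RENEGOTIATION_INFO, b"\x00"),
    (EXT_ELLIPTIC_CURVES, b"\x00\x02\x00\x17"),   # one curve: secp256r1
    (EXT_EC_POINT_FORMATS, b"\x01\x00"),
])
# The same hello carrying only extensions a server is allowed to echo.
CONFORMANT_SERVER_HELLO = build_server_hello(TLS_RSA_WITH_AES_128_CBC_SHA, [
    (EXT_RENEGOTIATION_INFO, b"\x00"),
    (EXT_EC_POINT_FORMATS, b"\x01\x00"),
])

if __name__ == "__main__":
    for label, rec in (("F5-style", F5_STYLE_SERVER_HELLO), ("conformant", CONFORMANT_SERVER_HELLO)):
        print(label, check_server_hello(rec) or ["no client-only extensions"])
```

The check is deliberately limited to the ServerHello: the same id=10 extension is legitimate in a ClientHello, so a scanner that simply greps a handshake dump for "elliptic curves" would flag every EC-capable client as well.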

8 Replies

  • Is the F5 terminating the SSL? Is the SSL certificate the F5 is using ECDH-capable?


  • Yes, the F5 is terminating the SSL.

    No, the SSL certificate is not ECDH capable - it is a standard RSA certificate.


  • I got some info on this. You can build a new client SSL profile and, under Advanced, for Cipher add an exclude to exclude the ECDHE ciphers. In my 11.2 box it looks like this: DEFAULT:!ADH:!EXPORT40:!EXP:!LOW:!ECDHE (I added :!ECDHE). That should exclude the ECDHE ciphers. Then apply the profile to your VIP, or I guess if you wanted you could do that to your existing client SSL profile.


  • Hi afedden,

    Thanks for the recommendation; however, I have been unable to test, since I only have access to a partition and changes with roles on 11.5 mean that I am no longer able to edit SSL Client Profiles. And our main client running into issues has now been patched to ignore the erroneous extension.

    Jeff


    • afedden_1985
      Just an FYI we implemented 11.5 and didn't run into any issue and I didn't disable the ECDHE ciphers. Also F5 tried a repro based on your description and was unable to repro the issue. The issue that did get me was 11.5 removed support for SSLv3 and that caused some issues for some clients until we enabled it.
    • Jeff_Williams_4
      Out of interest, if you run the command openssl s_client -tls1 -tlsextdebug -state -debug -connect :443 with a version of OpenSSL > 1.0.0, do you get the 'TLS server extension "elliptic curves"' line? We only found it caused issues with certain versions of GNU TLS, so you may not see an issue. That said, it looks like the GNU TLS behaviour was correct. We too had the issue with SSLv3 disappearing, so we added in ciphers as per http://support.f5.com/kb/en-us/solutions/public/15000/000/sol15022.html, then we hit this issue with the elliptic curves!
  • Still a problem in BIG-IP 11.6.0 Build 0.0.401 Final.

    F5 Support - do you have a solution?


  • PeterH_34993
    Historic F5 Account

    This is ID 492780. Please open a support case if you need a hotfix.