Forum Discussion

Mohan
Sep 18, 2019

SSL handshake fail after software upgrade from 12.1.2 to 13.1.1.5

We see a lot of SSL handshake failure warnings in the LTM logs for client-SSL-enabled VIP traffic after a software upgrade from 12.1.2 to 13.1.1.5.

3 Replies

  • Hi Mohan,

    Does the client SSL profile use the "DEFAULT" cipher string? If it does, then that may be the reason for the handshake failures. The default ciphers have changed between versions. For more information, please take a look at the following article.

    K13156: SSL ciphers used in the default SSL profiles (11.x - 13.x)

    https://support.f5.com/csp/article/K13156

    -Nathan F

  • Indeed there are cipher suite differences, but here I don't see any impact from these warnings; it seems 13.x is logging more messages. I also see connections from the same clients being established, and in tcpdumps there is no such connection issue. I also checked the log settings on the old version and 13.x and they are the same. I am just afraid so many logs are eating log space and can also suppress important messages. I am clueless for the moment why 13.x is logging more messages whereas it is establishing connections and no impact is seen otherwise.

    sample message -

    Oct 8 23:40:51 lbxxx warning tmm1[18881]: 01260013:4: SSL Handshake failed for TCP xxxx:10089 -> xxxx:443

  • You are right Mohan, more SSL logging is enabled. I did believe that started in 13.x; this article seems to indicate it was in 12.x. Anyway, you can change the log level if it indeed is too much for your system.

    https://support.f5.com/csp/article/K09322055
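
To judge whether the 01260013 warnings discussed in this thread come from a handful of clients or from traffic in general, the log lines can be grouped by client and virtual server before deciding on a log-level change. This is an added example, not code from any of the posters or from F5; the host name `lb01`, the addresses and the sample lines are constructed, and it assumes unredacted IPv4 endpoints in the format of the sample message quoted above.

```python
import re
from collections import Counter

# Matches the 01260013 warning in the form quoted in the thread.
# Assumption: endpoints are unredacted IPv4 "addr:port"; other forms are skipped.
HANDSHAKE_FAIL = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8})\s+(?P<host>\S+)\s+warning\s+"
    r"tmm\d*\[\d+\]:\s+01260013:4:\s+SSL Handshake failed for TCP\s+"
    r"(?P<client>[\d.]+):(?P<cport>\d+)\s+->\s+(?P<vip>[\d.]+):(?P<vport>\d+)"
)

def summarize(lines):
    """Count handshake-failure warnings per (client, VIP:port) pair."""
    pairs = Counter()
    for line in lines:
        m = HANDSHAKE_FAIL.match(line.strip())
        if m:
            pairs[(m["client"], f'{m["vip"]}:{m["vport"]}')] += 1
    return pairs

def noisy_clients(pairs, threshold):
    """Return (client, total) for clients with >= threshold failures, busiest first."""
    per_client = Counter()
    for (client, _vip), count in pairs.items():
        per_client[client] += count
    return [(c, n) for c, n in per_client.most_common() if n >= threshold]

# Constructed sample input (documentation addresses, not taken from the thread).
SAMPLE = """\
Oct  8 23:40:51 lb01 warning tmm1[18881]: 01260013:4: SSL Handshake failed for TCP 192.0.2.10:10089 -> 198.51.100.5:443
Oct  8 23:40:52 lb01 warning tmm1[18881]: 01260013:4: SSL Handshake failed for TCP 192.0.2.10:10090 -> 198.51.100.5:443
Oct  8 23:40:53 lb01 warning tmm[18880]: 01260013:4: SSL Handshake failed for TCP 192.0.2.10:10091 -> 198.51.100.6:443
Oct  8 23:40:54 lb01 info sshd[4021]: Accepted publickey for admin from 192.0.2.200 port 50222 ssh2
Oct  8 23:40:55 lb01 warning tmm1[18881]: 01260013:4: SSL Handshake failed for TCP 192.0.2.77:51512 -> 198.51.100.5:443
"""

if __name__ == "__main__":
    pairs = summarize(SAMPLE.splitlines())
    for (client, vip), count in pairs.most_common():
        print(f"{count:5d}  {client} -> {vip}")
    print("clients at or above threshold:", noisy_clients(pairs, 2))
```

A client that dominates the counts is a candidate for a capture or a cipher comparison against K13156; an even spread across clients points toward the logging change mentioned in the last reply.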