Yozzer
Oct 31, 2014Nimbostratus
SSLv3 cipher negotiation log
Is it possible to log in an irule if a browser tries to negotiate to a specific cipher?
I have the following irule but this doesn't tell me if a browser tried a disabled cipher before it negotiated an allowed one:
when HTTP_REQUEST {
Check if the client used an SSL cipher if {not ([catch {SSL::cipher version} result]) && [string tolower $result] ne "none"}{ set Name [SSL::cipher name] log local0. "Cipher Version is $result and Cipher Name is $Name" } }
any advice? cheers