An Irule for Client Ssl Profile that Allows Unassigned TLS Extension Values (17516)

Hello Community,

 

I have a requirement to allow enriched https header enrichment. The SSL negotiation (I'm doing ssl termination on F5) fails because the enriched header from client contains reserved tls extension values. (https://www.iana.org/assignments/tls-extensiontype-values/tls-extensiontype-values.xhtmltls-extensiontype-values-1).

 

The Client Hello request in the SSL Handshake was captured and contained an Extensions list, which included a reserved TLS Extension value (17156), which the F5 isn't presenting in Server Hello.

 

I need an irule that can allow that Extension to be added on the client ssl profile so the ssl handshake doesn't fail.