Forum Discussion
apm_user_138559
Aug 16, 2017Nimbostratus
In the end after a lot of tcp dumping and reproducing, F5 support claims it is a regression on the client side (Microsoft). They have an article describing it:
Since we have support for better ciphers than those with problems, we decided to create a new SSL client profile and assign it to the VIP for MSX. This is our ciphers list in that profile:
DEFAULT:!EDH:!DH:!DHE:!RSA:@STRENGTH
After that we have had no more problems with those errors. Hope it helps.