sgnewbie_121449
Jan 23, 2013Nimbostratus
SSL - F5 sending TCP RST after handshake
We just renewed server's SSL certificate with 2048 bit but now F5 is sending TCP RST to the server after Handshake.
It's working when we switch back to the old certificate (1024 bit) without changing F5 config.
Here is the SSLdump:
1 1 0.0010 (0.0010) C>S Handshake
ClientHello
Version 3.1
cipher suites
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
Unknown value 0x2f
Unknown value 0x35
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
compression methods
NULL
1 2 0.0024 (0.0013) S>C Handshake
ServerHello
Version 3.1
session_id[32]=
50 ff 8c cf 7d cc 68 fe 70 b6 d3 15 6c 6e 7c da
f6 32 a3 45 48 53 69 e1 cc a4 f7 1e 68 9a 58 8c
cipherSuite TLS_RSA_WITH_RC4_128_MD5
compressionMethod NULL
Certificate
ServerHelloDone
1 0.0027 (0.0002) C>S TCP RST
I could connect to the server using "openssl s_client -cipher 'RC4-SHA' -connect".
The server is JBOSS. We're using BIG-IP 9.2.3.
Does anyone know why?