Selected client SSL does not match security policies for VS after cipher update

Hi,

I'm trying to update ciphers on one of my profiles. The one I want to use is:

!LOW:!SSLv2:!SSLv3:!MD5:!RC4+SHA:!EXPORT:!DHE:ECDHE+AES-GCM:ECDHE+AES:AES+SHA+RSA:@STRENGTH

This works fine on another VS, but an attemtp of installing it on this one results in this error:

0107157c:3: Selected client SSL profiles do not match security policies for Virtual Server /EXTERNAL/vs_server_443.

Now the OK and NOK vs are a bit different, but I can't figure out which portion of the config can be responsible for this error. Let me summarize the differences:

vs_NOK_443
Protocol Profile (Client):  prot_tcp_client_name_WAN (based on tcp_wan_optimized) 
Protocol Profile (Server):  prot_tcp_client_name_LAN (based on tcp-lan-optimized)
HTTP Profile:               http_xff        

vs_OK_https 
Protocol Profile (Client):  tcp
Protocol Profile (Server):  (use Client Profile)
HTTP Profile:               http_xff_redir-rewrite

Now i do not see any difference between http-xff and http-xff_redir_rewrite is that the latter uses a Server Agent Name

Both server have two client ssl profiles and the profile in question is marked as the default profile for SNI.