cofotony
Jul 12, 2017Nimbostratus
SSLv2 Compatible Client Hello - v10.2.4 - is it possible not to send this format in a monitor??
https://devcentral.f5.com/questions/1024-lotus-domino-web-server-sslv2-compatible-client-hello
My query is essentially the same as the above, query 2). We've an LTM trying to monitor a pool of JVMs, the JVMs are set to only accept tlsv1-1.2 and are rejecting the SSLv2 compatible client hello even though it contains tlsv1.0.
If I try an openssl connection and add a -no_ssl2 at the end I connect, no problems. But if I amend the cipher list in the https monitor the LTM still sends the sslv2 compatible hello. Has anyone come across this before and figured out a workaround? Upgrading isn't an option.
Thanks, Tony.