Forum Discussion

carol's avatar
carol
Icon for Altostratus rankAltostratus
Feb 24, 2020
Solved

ECDSA certificates - do not seeem to be presented

Hello,

 

We have recntly got a first ECDSA certificate. When I tried to configure the SSL profile it did not let me because at least one RSA certificate must be included. We do not have one for this url so I picked the self signed one hoping that would be just a fallback for really old browsers. But when checking the URL with the browsers (Chrome and Firerefox - up to date) I only get presented the second - RSA - certificate. I am sure this is not a limitation on the Browser side, so I am wondering if the F5 bigip maybe does not present it. The question is why? I was thinking that maybe the cipher suites that go along in the SSL profile are not all compatible with the ECDSA certificate, but there are several that should be. The documentation (https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-13-0-0/8.html) does not secify anything else (I am actually running 12 but should not make a big difference. Any ideas?

 

Regards

Carol

  • Hi Carol,

     

    I suspect this is to do with your cipher group/string though we haven't been using these key exchanges yet. The article you provided states use 'ECDHE' but this will include all suites using RSA key exchange. For example:

    # tmm --clientciphers 'ECDHE'    

        ID SUITE              BITS PROT  CIPHER       MAC   KEYX

     0: 49199 ECDHE-RSA-AES128-GCM-SHA256   128 TLS1.2 AES-GCM       SHA256 ECDHE_RSA 

     1: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1  AES         SHA   ECDHE_RSA 

     2: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1.1 AES         SHA   ECDHE_RSA 

     3: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1.2 AES         SHA   ECDHE_RSA 

     4: 49171 ECDHE-RSA-AES128-CBC-SHA     128 DTLS1 AES         SHA   ECDHE_RSA 

     5: 49191 ECDHE-RSA-AES128-SHA256     128 TLS1.2 AES         SHA256 ECDHE_RSA 

     6: 49200 ECDHE-RSA-AES256-GCM-SHA384   256 TLS1.2 AES-GCM       SHA384 ECDHE_RSA 

     7: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1  AES         SHA   ECDHE_RSA 

     8: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1.1 AES         SHA   ECDHE_RSA 

     9: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1.2 AES         SHA   ECDHE_RSA 

    10: 49172 ECDHE-RSA-AES256-CBC-SHA     256 DTLS1 AES         SHA   ECDHE_RSA 

    11: 49192 ECDHE-RSA-AES256-SHA384     256 TLS1.2 AES         SHA384 ECDHE_RSA 

    12: 52392 ECDHE-RSA-CHACHA20-POLY1305-SHA256  256 TLS1.2 CHACHA20-POLY1305  NULL  ECDHE_RSA 

    13: 49170 ECDHE-RSA-DES-CBC3-SHA      168 TLS1  DES         SHA   ECDHE_RSA 

    14: 49170 ECDHE-RSA-DES-CBC3-SHA      168 TLS1.1 DES         SHA   ECDHE_RSA 

    15: 49170 ECDHE-RSA-DES-CBC3-SHA      168 TLS1.2 DES         SHA   ECDHE_RSA 

     

    You'll need to specify 'ECDHE_ECDSA' to only offer ECDSA key exchange cipher suites. Hopefully that'll do the job.

     

    Kind regards

    Ben

2 Replies

  • Hi Carol,

     

    I suspect this is to do with your cipher group/string though we haven't been using these key exchanges yet. The article you provided states use 'ECDHE' but this will include all suites using RSA key exchange. For example:

    # tmm --clientciphers 'ECDHE'    

        ID SUITE              BITS PROT  CIPHER       MAC   KEYX

     0: 49199 ECDHE-RSA-AES128-GCM-SHA256   128 TLS1.2 AES-GCM       SHA256 ECDHE_RSA 

     1: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1  AES         SHA   ECDHE_RSA 

     2: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1.1 AES         SHA   ECDHE_RSA 

     3: 49171 ECDHE-RSA-AES128-CBC-SHA     128 TLS1.2 AES         SHA   ECDHE_RSA 

     4: 49171 ECDHE-RSA-AES128-CBC-SHA     128 DTLS1 AES         SHA   ECDHE_RSA 

     5: 49191 ECDHE-RSA-AES128-SHA256     128 TLS1.2 AES         SHA256 ECDHE_RSA 

     6: 49200 ECDHE-RSA-AES256-GCM-SHA384   256 TLS1.2 AES-GCM       SHA384 ECDHE_RSA 

     7: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1  AES         SHA   ECDHE_RSA 

     8: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1.1 AES         SHA   ECDHE_RSA 

     9: 49172 ECDHE-RSA-AES256-CBC-SHA     256 TLS1.2 AES         SHA   ECDHE_RSA 

    10: 49172 ECDHE-RSA-AES256-CBC-SHA     256 DTLS1 AES         SHA   ECDHE_RSA 

    11: 49192 ECDHE-RSA-AES256-SHA384     256 TLS1.2 AES         SHA384 ECDHE_RSA 

    12: 52392 ECDHE-RSA-CHACHA20-POLY1305-SHA256  256 TLS1.2 CHACHA20-POLY1305  NULL  ECDHE_RSA 

    13: 49170 ECDHE-RSA-DES-CBC3-SHA      168 TLS1  DES         SHA   ECDHE_RSA 

    14: 49170 ECDHE-RSA-DES-CBC3-SHA      168 TLS1.1 DES         SHA   ECDHE_RSA 

    15: 49170 ECDHE-RSA-DES-CBC3-SHA      168 TLS1.2 DES         SHA   ECDHE_RSA 

     

    You'll need to specify 'ECDHE_ECDSA' to only offer ECDSA key exchange cipher suites. Hopefully that'll do the job.

     

    Kind regards

    Ben

  • Hello. Indeed that was the issue. Now I am stuck with another one. The VIP currently has some none ECDSA servers and I cannot mix the SSL profiles. So I tried to use a generic VIP and target the final VIP using a policy (https://devcentral.f5.com/s/articles/sni-routing-with-big-ip-31348) to get the traffic to the right server but it fails so far (in fact some of my colleagues did try VIP targeting in the past and failed but we never looked into it deeper). To be continued :-). Thank you!