Wednesday, July 11, 2018

ECDSA Certs & f5s -_-

Little background.

I’ve got a new CA cert that is sha256ECDSA. I need to add it to a bundle I’m using for trusted CA’s on my client SSL profile. All existing certs in this bundle are RSA and work just fine.

I’m on 12.0 LTM code and have added DEFAULT:ECDHE_ECDSA to my ciphers on my client ssl profile. When I add the cert to the bundle I immediately get errors in Chrome and Firefox. IE works just fine with the new cert added.

Firefox error: SSL_ERROR_RX_RECORD_TOO_LONG

Chrome error: ERR_SSL_PROTOCOL_ERROR

I feel like I’ve exhausted all my options and don’t know what else to try. Sorry for formatting, on mobile.



No comments:

Post a Comment