Last Modified: Jan 29, 2019
See more info
Known Affected Versions:
13.1.0, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 13.1.1, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11
Opened: May 26, 2017
The default GTM https monitor (and its derivative built-in monitors like https_head_f5) supports EXPORT grade ciphers.
The node that GTM is monitoring is marked as GREEN/available.
Default GTM HTTPS or its derivative built-in monitors like https_head_f5 are being used to monitor a node that only supports EXPORT ciphers.
Default GTM HTTPS monitor no longer supports EXPORT ciphers.
The built-in GTM HTTPS monitor used to support EXPORT ciphers. This meant that monitoring a node that only supported EXPORT ciphers from GTM with the HTTPS monitor would result in the node being marked as GREEN/available. Now the built-in GTM HTTPS monitor (and its derivative built-in monitors like https_head_f5) no longer support EXPORT ciphers. If GTM is monitoring a node that only supports EXPORT ciphers with a default HTTPS monitor (or a derivative built-in like https_head_f5), then the node will be marked DOWN/offline. Note: If you want to continue monitoring a node from GTM that supports only EXPORT ciphers, you can create a custom HTTPS monitor and define the custom cipherlist field to allow EXPORT ciphers.