Bug ID 818789: Setting ssl profile to none in https monitor, not setting Ciphers to DEFAULT as in serverssl Profile

Last Modified: Sep 06, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.4, 14.1.0.5, 14.1.0.6, 14.1.2, 15.0.0, 15.0.1

Opened: Aug 29, 2019
Severity: 3-Major

Symptoms

With in-tmm monitoring enabled (or sys db bigd tmm set to enable) and with https monitor's ssl-profile set to none, the expected behavior is to send ciphers in ClientHello based on default serverssl profile as mentioned in GUI help for https monitor.

Impact

Ciphers are not exchanged as expected in the ClientHello Packets

Conditions

Configure HTTPS Monitor with ssl-profile "None".

Workaround

Configure HTTPS Monitor without ssl-profile option, default serverssl profile will be used

Fix Information

None

Behavior Change