LocalLB::SecureRenegotiationMode

Introduced : BIG-IP_v9.0
A list of SSL secure renegotiation modes. These settings change slightly between client and server SSL profiles. An unpatched client or server does not support secure negotiation as defined in RFC 5476.

Members

Member

Value

Description

SECURE_RENEGOTIATION_MODE_UNKNOWN

0

The secure renegotiation mode is either unknown or unsupported by iControl.

SECURE_RENEGOTIATION_MODE_REQUEST

1

Any unpatched client or server attempting to renegotiate will be allowed. This mode is not recommended.

SECURE_RENEGOTIATION_MODE_REQUIRE

2

In Server SSL profiles: Any connection to an unpatched server will have its initial handshake denied. In Client SSL profiles: Any client attempting to renegotiate that does not support secure renegotiation will have its connection aborted.

SECURE_RENEGOTIATION_MODE_REQUIRE_STRICT

3

In Server SSL profiles: The functionality will be the same as in the SECURE_RENEGOTIATION_REQUIRE mode. In Client SSL profiles: Any connection from an unpatched client will have its initial handshake denied.

See Also

iControl ::
iControl :: LocalLB

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code


Copyright © 1996-2012, F5 Networks, Inc. All rights reserved.

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.