ADFS proxy not working
We have an F5 hardware load balancer which does the load balancing for ADFS proxy server requests, with certificates configured in the F5. We have replaced the SHA-1 certificates with SHA-2 (SHA-256) certificates, both on the servers and in the F5. After that, external users are not able to log in to ADFS relying party applications, whereas internal ones are working fine.
Internal request---F5(No Certificate)---ADFS 3.0 (Hosted 2012 R2) servers
External request--F5(Certificate)---ADFS proxy servers (Hosted on 2012 R2 servers)---ADFS servers
On the ADFS proxy servers, we are finding many cipher errors which started after the certificate renewal. After rolling back to the old certificate, the errors are gone.
Currently the F5 is configured with the default cipher settings. Does anyone have any idea whether it requires any changes related to the cipher suite?
If I change the cipher suite, will it impact other VIPs?
Log Name: System
Source : Schannel
Event ID: 36888
Time : 6/15/2015 10.01 AM
Level : Error
User : System
Computer : abc
Description: A fatal alert was generated and sent to remote endpoint. This may result in termination of connection. The TLS protocol defined fatal error code is 40. The windows Schannel error state is 1205
Log Name: System
Source : Schannel
Event ID: 36874
Time : 6/15/2015 10.01 AM
Level : Error
User : System
Computer : abc
Description: An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed
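One way to triage the two Schannel events quoted above, added here as an example and not part of the original post: it parses the exported event text, names the TLS alert code per RFC 5246, and pairs events 36888 and 36874 that share a computer and timestamp. The function names and the embedded sample text are constructed for illustration.

```python
import re
from collections import defaultdict

# TLS alert descriptions (RFC 5246, section 7.2); subset useful for handshake triage.
TLS_ALERTS = {40: "handshake_failure", 42: "bad_certificate", 46: "certificate_unknown",
              48: "unknown_ca", 70: "protocol_version", 71: "insufficient_security"}

# Constructed sample in the layout of the events quoted in the post (descriptions shortened).
SAMPLE = """\
Log Name: System
Source : Schannel
Event ID: 36888
Time : 6/15/2015 10.01 AM
Computer : abc
Description: A fatal alert was generated and sent to remote endpoint. The TLS protocol defined fatal error code is 40. The windows Schannel error state is 1205
Log Name: System
Source : Schannel
Event ID: 36874
Time : 6/15/2015 10.01 AM
Computer : abc
Description: An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server.
"""

def parse_events(text):
    """Split a 'Key : value' event export into one dict per event."""
    events = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() == "Log Name":
            events.append({})  # a new "Log Name" line starts the next record
        if sep and events:
            events[-1][key.strip()] = value.strip()
    return events

def triage(events):
    """Group Schannel events by (computer, time) and flag cipher negotiation failures."""
    groups = defaultdict(list)
    for ev in events:
        if ev.get("Source") == "Schannel":
            groups[(ev.get("Computer"), ev.get("Time"))].append(ev)
    findings = []
    for (computer, when), evs in groups.items():
        text = " ".join(ev.get("Description", "") for ev in evs)
        codes = re.findall(r"fatal error code is (\d+)", text)
        proto = re.search(r"\b((?:TLS|SSL) \d\.\d) connection request", text)
        findings.append({"computer": computer, "time": when,
                         "alerts": [TLS_ALERTS.get(int(c), "alert_" + c) for c in codes],
                         "protocol": proto.group(1) if proto else None,
                         "no_shared_cipher": any(e.get("Event ID") == "36874" for e in evs)})
    return findings
```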