Hello All,
I'm using WAF v2 and one of my listeners uses port 443 and a multi-site domain.
I've generated an SSL wildcard for this domain using Let's Encrypt.
When I put WAF in front of this specific site/domain, I receive the following error:
The connection for this site is not secure
homolog-icg.icgti.com.br uses an unsupported protocol
ERR_SSL_VERSION_OR_CIPHER_MISMATCH.
My SSL policy is as follows:
Min protocol version: TLSv1_2
Cipher suites:
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
I have other websites with another SSL wildcard certificate (paid, not free) in the same backend pool but on a different listener, and the error doesn't happen with them.
I would suspect that it could be the SSL configuration on the server machine, but if other websites are working fine, my guess would be that the certificate does not allow the type of ciphers I have in my SSL policy.
Does this make any sense?
Has anyone tried a similar scenario?
Thanks
Mirella
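
An added example, not part of the original post: a check of the hypothesis raised above, that the certificate's key type may not match the cipher suites in the SSL policy. In TLS 1.2 a suite named `..._RSA_WITH_...` can only be negotiated with an RSA certificate, and an `..._ECDSA_WITH_...` suite only with an EC one. The key types passed in at the bottom are assumptions (the post does not state them), and the function names are illustrative.

```python
import re

# Certificate key type needed by common TLS 1.2 key-exchange/authentication prefixes.
# Other names are treated as binding no key type (TLS 1.3, anonymous, plain PSK).
KEY_TYPE_FOR_KX = {
    "RSA": "RSA", "DHE_RSA": "RSA", "ECDHE_RSA": "RSA", "RSA_PSK": "RSA",
    "ECDHE_ECDSA": "EC", "ECDH_ECDSA": "EC", "ECDH_RSA": "EC",
    "DHE_DSS": "DSA", "DH_RSA": "DH", "DH_DSS": "DH",
}

# The cipher suites listed in the post's SSL policy.
POLICY = [
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
]


def required_key_type(suite):
    """Key type ("RSA", "EC", ...) an IANA suite name requires, or None."""
    match = re.fullmatch(r"TLS_(\w+?)_WITH_\w+", suite)
    if match is None:
        return None  # TLS 1.3 style name such as TLS_AES_128_GCM_SHA256
    return KEY_TYPE_FOR_KX.get(match.group(1))


def check_policy(cert_key_type, suites):
    """Split suites into those the certificate can serve and those it cannot."""
    usable, blocked = [], []
    for suite in suites:
        needed = required_key_type(suite)
        (usable if needed in (None, cert_key_type) else blocked).append(suite)
    return usable, blocked


def diagnose(cert_key_type, suites):
    """One-line verdict for a listener using this certificate and policy."""
    usable, blocked = check_policy(cert_key_type, suites)
    if not usable:
        return (f"{cert_key_type} certificate: none of the {len(blocked)} suites "
                "can be negotiated, so every handshake fails")
    return f"{cert_key_type} certificate: {len(usable)} of {len(suites)} suites usable"


if __name__ == "__main__":
    # Key type comes from `openssl x509 -in cert.pem -noout -text`
    # ("Public Key Algorithm": rsaEncryption -> RSA, id-ecPublicKey -> EC).
    print(diagnose("EC", POLICY))   # assumed key type of the failing certificate
    print(diagnose("RSA", POLICY))  # assumed key type of the working certificates
```

If the failing certificate does turn out to carry an EC key, the policy would need `ECDHE_ECDSA` suites added, or the certificate reissued with an RSA key.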