Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

  1. Kemp Support
  2. Knowledge Base
  3. Security

LoadMaster uses a different cipher suite than what it shows in WireShark

Updated

 

Information

 

Summary:

Customer wanted to know why the LoadMaster was using a different Cipher Suite than he was seeing in Wireshark since the cipher name did not match.
Environment:

Product: LoadMaster

Version: Any.

Platform: Any. 

Application: Any.
Question/Problem Description:

The customer saw that the LoadMaster had ECDHE-RSA-AES256-SHA384 configured but instead he saw ECDHE-RSA-AES256-CBC-SHA384 being returned in a packet capture.
Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: The LoadMaster uses a different name to identify Cipher Suites.
Resolution:
  • Explained the customer that both Ciphers are the exact same. ECDHE-RSA-AES256-SHA384 is [0xc028] and ECDHE-RSA-AES256-CBC-SHA384 is also [0xc028]. 
  • The difference is that the LoadMaster will use the OpenSSL name to identify the Ciphers whereas utilities such as WireShark will use the IANA name instead. 
Workaround:  
Notes:

The following link can help identify the actual ID for the Cipher Suites:

https://testssl.sh/openssl-iana.mapping.html

Comments

In this document