Jump to content
Welcome to our new Citrix community!

SSL session negotiation fails between NetScaler and a backend server

Pawel Rzepa

Recommended Posts



I face problems with SSL session negotiation between NetScaler and a backend server. NetScaler is enabled for TLSv1.0, TLSv1.1 and TLSv1.2 and the backend server supports only TLSv1.0.

I ran tcpdump for the failed SSL session and found that
 - NetScaler sends TLSv1.2 as the highest supported version in Client Hello message
 - backend server responds with TLSv1.0 in Server Hello
 - NetScaler sends alert with Protocol Version code


NetScaler uses the following SSL Profile for the backend server:

> show ssl profile SSL_PROF_BACKEND_ALL
1)      Name: SSL_PROF_BACKEND_ALL      (Back-End)
        Server Auth: DISABLED
        Use only bound CA certificates: DISABLED
        Strict CA checks:               NO
        Session Reuse: ENABLED          Timeout: 300 seconds
        DH: DISABLED
        Ephemeral RSA: DISABLED
        Deny SSL Renegotiation          ALL
        Non FIPS Ciphers: DISABLED
        Cipher Redirect: DISABLED
        SSL Redirect: DISABLED
        Send Close-Notify: YES
        Strict Sig-Digest Check: DISABLED
        Push Encryption Trigger: Always
        PUSH encryption trigger timeout:        1 ms
        OCSP Stapling: DISABLED
        Strict Host Header check for SNI enabled SSL sessions:          NO
        Push flag:      0x0 (Auto)
        SSL quantum size:               8 kB
        Encryption trigger timeout      100 mS
        Encryption trigger packet count:        45

NetScaler NS11.1: Build 59.10.nc


What should I do to make NetScaler accept TLSv1.0?



Link to comment
Share on other sites

Thanks Mihai for the answer.


I use this SSL backend profile for multiple backend servers, some of which are only TLSv1.0 enabled, some all up to TLSv1.2. I enabled all these TLS versions for the SSL_PROF_BACKEND_ALL profile and hoped that it can cover all my backend servers. Is there anything I can do to have this SINGLE profile use for all the servers?


What could be the reason for allowing administrators to enable all of the TLS versions, if finally only one of them can be used? I guess I'm missing sth in the config....

Link to comment
Share on other sites

I think that's not a matter of ciphers


Client Hello:

Secure Sockets Layer
    TLSv1.2 Record Layer: Handshake Protocol: Client Hello
        Content Type: Handshake (22)
        Version: TLS 1.2 (0x0303)
        Length: 165
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 161
            Version: TLS 1.2 (0x0303)
            Random: 5cab4246c89cbfce4bf16255f182a99c6412e4a0ac98ed3f...
                GMT Unix Time: Apr  8, 2019 14:44:54.000000000 CEST
                Random Bytes: c89cbfce4bf16255f182a99c6412e4a0ac98ed3f0b7abf2a...
            Session ID Length: 32
            Session ID: 5cab42463fdf567670d005a8c0b01f89ad89564b4377831c...
            Cipher Suites Length: 62
            Cipher Suites (31 suites)
                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
                Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
                Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
                Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
                Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
                Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)


Server Hello:

Secure Sockets Layer
    TLSv1 Record Layer: Handshake Protocol: Multiple Handshake Messages
        Content Type: Handshake (22)
        Version: TLS 1.0 (0x0301)
        Length: 926
        Handshake Protocol: Server Hello
            Handshake Type: Server Hello (2)
            Length: 70
            Version: TLS 1.0 (0x0301)
            Random: 5cab42462e06d1308fcba88ad5180aa0e1feebe7462eca16...
                GMT Unix Time: Apr  8, 2019 14:44:54.000000000 CEST
                Random Bytes: 2e06d1308fcba88ad5180aa0e1feebe7462eca169b213e1c...
            Session ID Length: 32
            Session ID: 5cab424681b4e4bf6b2768b7cc2fddd59639f4ab07fd8aaf...
            Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
            Compression Method: null (0)
        Handshake Protocol: Certificate

Client Alert:

Secure Sockets Layer
    TLSv1 Record Layer: Alert (Level: Fatal, Description: Protocol Version)
        Content Type: Alert (21)
        Version: TLS 1.0 (0x0301)
        Length: 2
        Alert Message
            Level: Fatal (2)
            Description: Protocol Version (70)


What I get from the NetScaler CLI is:


                State: DOWN     Weight: 1       Passive: 0
                Probes: 57518   Failed [Total: 57481 Current: 1526]
                Last response: Failure - Time out during SSL handshake stage
                Response Time: 0.0 millisec

Link to comment
Share on other sites

The Client Hello message :


Version:  contains the highest TLS version that the client supports

Cipher suites:  list of ciphers suites that the client supports



The Server Hello message :


Version:  contains the highest TLS version supported by both the client and server

Cipher suites: the cipher suite chosen by the server from the list of ciphers that the client supports




Link to comment
Share on other sites

I created another SSL Profile with only TLSv1.0 enabled and it worked.

But I still do not understand why in my original SSL Profile with all TLS versions enabled, communication with TLSv1.0-only backend server was broken.

At this moment my enable-all-tlses profile seems to be useless :(

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...