Preview Tool

Cisco Bug: CSCuo17909 - WSA does not support elliptic_curves and ec_point_formats extensions

Last Modified

Mar 07, 2018

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

7.5.2-HP2-303 8.0.7-142 8.0.8-MR-113 8.5.1-021 8.5.2-027

Description (partial)

When going to https site that uses elliptic_curves and ec_point_formats extensions in their client hellos the WSA does not support those extensions which causes the webserver to reset the connection.

When comparing the client's HELLO with the proxy's HELLO, the clients contain these extensions:
 Extension: ec_point_formats
 Extension: elliptical_curves
 where the proxy's does not.

Related Community Discussions

<key>CSCuo17909</key> - WSA does not support elliptic_curves and ec_point_formats extensions
So, what are we supposed to do when a CDN starts using SSL settings like this? Bypassing akamai's networks doesn't sound very tempting.
Latest activity: Feb 01, 2016
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.