10.0 CR 4 software gateway
Enabling TLS 1.3 via PM on listen ports does not appear to function properly.
If TLS1.2 is also enabled, clients connect with 1.2. If only TLS1.3 is enabled, clients fail to connect and also VIP (F5) probes fail.
Tested with multiple 1.3 compatible browsers.
Release : 10.0
Component : API GATEWAY
Ensure that the following cipher suites are enabled when TLS 1.3 option is selected:
TLS 1.3 was added in CR for gateway 10, this is why the documents note to enable the two ciphers. New features are not added to existing object, if you were to create a new listening port for SSL these would be enabled
Moving forward gateway 10.1 the default configuration of the ports and new ports created for SSL has 1.2 and 1.3 checked and all the ciphers enabled