SSL version 3 (SSLv3) is not supported on an MPX appliance but is supported on a VPX virtual appliance. A VPX instance provisioned on an SDX appliance supports SSLv3 only if an SSL chip is not assigned to the instance.
ECDHE/DHE ciphers and Export ciphers are not supported.
SSL server key exchange using HSM keys is not supported.
If you have added or removed keys after you last saved the configuration, you must save the configuration before you perform a warm restart. If you do not save the configuration, there will be a key mismatch between the ADC and the HSM.
You cannot bind an HSM key to a DTLS virtual server.
You cannot bind a certificate-key pair that is created by using an HSM key to an SSL service.
You cannot use the NetScaler configuration utility to enroll the ADC as a client of the HSM or check the status of the HSM from the configuration utility.
From release 11 build 62.x, SSL renegotiation is supported.
You cannot sign OCSP requests by using a certificate-key pair that is created by using an HSM key.
A certificate bundle with HSM keys is not supported.
An error does not appear if the HSM key and certificate do not match. Therefore, while adding a certificate-key pair, you need to make sure that the HSM key and certificate match.