Forum Discussion

Seckin_149390's avatar
Seckin_149390
Icon for Nimbostratus rankNimbostratus
Feb 06, 2015

Adding specific cipher to ssl profile

Hi all,

 

I hope you are doing well,

 

I need to add 2 specific ciphers TLS_RSA_EXPORT1024_WITH_RC4_56_SHA and

 

TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA.

 

What is the syntax for this ? F5' s software version is 11.5.1 hotfix 5

 

Regards.

 

5 Replies

  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Icon for Nacreous rankNacreous
    Feb 06, 2015

    Hi,

    you can use for the TLS_RSA_EXPORT1024_WITH_RC4_56_SHA following syntax 

    !sslv3:EXP1024-RC4-SHA

    and for the TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA : 

    !sslv3:!dtlsv1:EXP1024-DES-CBC-SHA

  • Vitaliy_Savrans's avatar
    Vitaliy_Savrans
    Icon for Nacreous rankNacreous
    Feb 06, 2015
      tmm --clientcipher '!sslv3:EXP1024-RC4-SHA'
   ID  SUITE                            BITS PROT    METHOD  CIPHER  MAC     KEYX
 0:   100  EXP1024-RC4-SHA               56  TLS1    Native  RC4     SHA     RSA

 tmm --clientcipher '!sslv3:!dtlsv1:EXP1024-DES-CBC-SHA'
   ID  SUITE                            BITS PROT    METHOD  CIPHER  MAC     KEYX
   0:    98  EXP1024-DES-CBC-SHA         56  TLS1    Native  DES     SHA     RSA
  • Seckin_149390's avatar
    Seckin_149390
    Icon for Nimbostratus rankNimbostratus
    Feb 06, 2015

    Hi Vitaliy,

     

    Firstly, thanks for your swift response.

     

    I have added this in the GUI --> ssl --> client profile --> ciphers section like this,

     

    DEFAULT:!SSLv3:EXP1024-RC4-SHA but it gives an error as follows ;

     

    01070312:3: Invalid keyword 'exp1024-rc4-sha' in ciphers list for profile /Common/test

     

    Any Suggestions ?

     

    Regards.

     

  • Seckin_149390's avatar
    Seckin_149390
    Icon for Nimbostratus rankNimbostratus
    Feb 09, 2015

    Hi Vitaliy,

     

    Many thanks for this, problem solved. There was a problem on the syntax.

     

    Regards.