Forum Discussion
Joe_Pipitone
May 01, 2015Nimbostratus
BigIP 11.6 HF4 + SSL ciphers
We've recently upgraded to 11.6 to eliminate Chrome's obsolete cryptography message. I have an iRule that is allowing me to perform Strict Transport Security (HSTS), allowing us to obtain an A+ rati...
Opher_Shachar_6
Mar 17, 2016Nimbostratus
This is an OLD discussion I know. I stumbled upon it by accident and thought to share my 2 cents.
I use thisECDHE:DEFAULT:!DHE
simple cipher-suite string to get an A+ rating, with only the IE6/XP combination failing to connect (as it has no support for the TLS protocol).
What this cipher-suite string essentially does (over the default) is bring to front the ECDHE ciphers and dumps the DHE ciphers.Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects