Forum Discussion
Certain Cipher suites are not shown in ssl server test
- Mar 17, 2020
Yes, they are properly assigned. When I change the CIpher rule which is:
TLSv1_3:ECDHE_ECDSA+AES-GCM:ECDHE+AES-GCM:ECDHE+AES:ECDHE_ECDSA+CHACHA20-POLY1305:ECDHE+CHACHA20-POLY1305:!DHE+AES-GCM:!TLSv1:!TLSv1_1:!ECDHE+AES:@STRENGTH
I see differencies when checking the ciphers but only ECDHE_ECDSA are not visible into the ssllabs.
I even tried with openssl and sslscan tools via linux and didn't saw it as well....
I just found out the reason. The certificate is created as RSA. which means :
RSA: Specifies that the key is based on the RSA public key encryption algorithm.
So no ECDSA will be presented even allowed in the cipher suite....
Yes, they are properly assigned. When I change the CIpher rule which is:
TLSv1_3:ECDHE_ECDSA+AES-GCM:ECDHE+AES-GCM:ECDHE+AES:ECDHE_ECDSA+CHACHA20-POLY1305:ECDHE+CHACHA20-POLY1305:!DHE+AES-GCM:!TLSv1:!TLSv1_1:!ECDHE+AES:@STRENGTH
I see differencies when checking the ciphers but only ECDHE_ECDSA are not visible into the ssllabs.
I even tried with openssl and sslscan tools via linux and didn't saw it as well....
I just found out the reason. The certificate is created as RSA. which means :
RSA: Specifies that the key is based on the RSA public key encryption algorithm.
So no ECDSA will be presented even allowed in the cipher suite....
Thanks a lot... spent the whole day on the same issue. Sometimes it is that easy 😄
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com