For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

VFB's avatar
VFB
Icon for Cirrus rankCirrus
Aug 24, 2022

Cipher Suite error

A server team provided the following ciphers used, but for some reason, I am unable to either create a rule or group for them. Any help would be appreciated   TLS-CHACHA20-POLY1305-SHA256 TLS-AES-...
application delivery
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Aug 25, 2022

It might be helpful to verify that the intention is to support TLS 1.2 and TLS 1.3 ciphers (or just TLS 1.3). The top three in your list are explicitly TLS 1.3. The following literal cipher string will produce exactly what's in your list:

 

tmm --clientciphers '!DTLSv1_2:TLS13-AES256-GCM-SHA384:TLS13-AES128-GCM-SHA256:TLS13-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256;ECDHE-ECDSA-AES256-GCM-SHA384'

SUITE                                  PROT
TLS13-AES256-GCM-SHA384                TLS1.3
TLS13-AES128-GCM-SHA256                TLS1.3
TLS13-CHACHA20-POLY1305-SHA256         TLS1.3
ECDHE-ECDSA-CHACHA20-POLY1305-SHA256   TLS1.2
ECDHE-ECDSA-AES128-GCM-SHA256          TLS1.2
ECDHE-ECDSA-AES256-GCM-SHA384          TLS1.2

 

 

  • JRahm's avatar
    JRahm
    Icon for Admin rankAdmin
    Aug 26, 2022

    If this answered your question VFB, can you accept the solution so it will be more helpful to others who find this thread? Thank you!