Forum Discussion

Cirrus

Sep 12, 2023

Solved

Cipher Suites Supported (12.1.5.3)

Hi, I am trying to adjust the SSL profile of a service to get grade A in SSL Labs. The machine the virtual server runs on is: --- Sys::Version Main Package Product BIG-IP Version 12.1.5.3 Buil...

security

Enes_Afsin_Al
Sep 12, 2023
Hi Martin182,

No new cipher suites have been added for versions 12.1.4 and 12.1.5.

https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-bigip-12-1-4.html#asm_rn_new
https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/product/relnote-bigip-12-1-5.html#rn_new

You can view all ciphers with the following command from cli.

tmm --clientciphers all

You can use the "!DHE:!DH" string to remove DHE and DH key exchange parameters from the cipher suite. Or you can use only "ECDHE+AES-GCM" cipher suite.

PSFletchTheTek

Cumulonimbus

Sep 13, 2023

Just check your ssl config, there is a cyhper config hidden under a Basic/advanced filter in the profile that might not be fully locked down.

I had something very simular. in v14. and it was more on the ssl config than what was supported.

Martin182

Cirrus

Sep 13, 2023

You mean the cipher rules/groups?, they are not available on this version, I think the first one to implement them is v13.

PSFletchTheTek
Cumulonimbus
Sep 14, 2023
O, sorry i started my f5 works at late v13 straight into v14 about 2 months later.
So it looks like its a feature that's appeared in that time!

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Cipher Suites Supported (12.1.5.3)

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Bot Defense causing a lot of false positives

iRules for recreation: HTTP Protocol Parser implemented using BIG-IP iRule(unfinished)

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

T4 and ALL tenant images

F5 DNS Logs in JSON Format

Related Content

Cipher Suite Practices and Pitfalls

Support and Help for DevCentral and Offline Contact

APM Configuration to Support Duo MFA using iRule

LTM Cipher rule

Future-Proofing Your Network: Enabling Quantum Ciphers on F5 BIG-IP TMOS 17.5.1

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS