Forum Discussion
MVA
Nimbostratus
You can disable in the client-ssl profile specific to the VIP or at the parent client-ssl profile by adding "!DES-CBC3-SHA" at the Ciphers section. i.e., "DEFAULT;!DES-CBC3-SHA". Then re-scan to confirm it's disabled or via openssl "openssl s_client -cipher 'DES-CBC3-SHA' -connect %IP%:443"
Hope that helps.
mc1903_137193
Sep 25, 2015Nimbostratus
Thank you Mel.
I have just tried your suggestion and I get the following error when I press update:
01070312:3: Invalid keyword 'des-cbc3-sha' in ciphers list for profile /Common/mysite-fqdn_client_ssl_profile
Any thoughts what I have done wrong?
Martin