Forum Discussion
mc1903_137193
Sep 25, 2015Nimbostratus
Client SSL Profile Cipher...Disable DES-CBC3-SHA.
One of my sites has just be penetration tested and a low risk was identified.
The following weak ciphers were supported
Testing SSL server mysite.fqdn on port 443
Supported Server Cipher(s):
...
MVA
Sep 25, 2015Nimbostratus
Ensure the cipher section has "DEFAULT:!DES-CBC3-SHA", no quotes. Note, my original comment has semi-colon and it should be colon. Try that.
- mc1903_137193Sep 25, 2015NimbostratusThanks again Mel. That was accepted this time, but when I retested my site the SSL Labs test rating dropped from an A+ (100/97/100/90) to a B (100/70/80/90).
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects