Forum Discussion

Employee

Oct 21, 2008

Detecting TLS v1.1

Does anyone know what string (if anything) LTM 9.4.x will return for [SSL::cipher version] if the client is using TLS v1.1 (ie Opera)? I'm trying to account for the possibility of a TLS v1.1 ...

Historic F5 Account

Oct 22, 2008

Why not just set no SSLv2 on your Client Profile? The error message isn't as friendly, but SSLv2 has serious security flaws and has been replaced with SSLv3 since 1996.

Either that or turn it on its head and match $ver == "SSLv2", which is only one comparision and will therefore save you a few cpu cycles. Also standards will continue to evolve and TLS 1.2 was approved in august

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Detecting TLS v1.1

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

How to disable only TLS v1 & TLS v1.1 on specific virtual server

F5 Distributed Cloud JA4 detection for enhanced performance and detection

Load Balancing TCP TLS Encrypted Syslog Messages

Decrypting TLS traffic on BIG-IP

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS