Forum Discussion

Altocumulus

Aug 26, 2017

Disable TLS 1.0 and 1.1 protocol on VIPS, Only TLS 1.2 should be on.

Suppose we have to disable TLS 1.0 and 1.1 protocol on a VIP. Only TLS 1.2 should be enabled. Consider client-ssl profile is having the existing ciphers as : ciphers DEFAULT:!ADH:!EXPORT40...

devops

LTM

jaikumar_f5

Aug 27, 2017

Here,

tmsh create /ltm profile client-ssl cssl_tls12_only ciphers TLSv1_2

Reference

AJF5

Altocumulus

Aug 26, 2017

It is 11.3. And yes you are right about modiying the SSL profile. But my question was if I am changing the current cipher in client-ssl profile "DEFAULT:!ADH:!EXPORT40:!EXP:!LOW:!SSLv3:!MD5:!RC4-SHA:!3DES" with "TLSv1_2". Will that work as we want only TLSv1.2 to be enabled.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Disable TLS 1.0 and 1.1 protocol on VIPS, Only TLS 1.2 should be on.

Recent Discussions

f5 command document

Default retry time inband monitor

Retain the URL on Browser

Priority group activation on GTM.

Nginx Plus LB as backend node member on F5 LTM

Related Content

Proxy Protocol v2 Initiator

BIG-IP BGP Routing Protocol Configuration And Use Cases

Proxy Protocol Initiator

SSL protocol mismatch

Proxy Protocol Receiver

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS