Disabling SSLv3 for Configuration Utility.

Question

I tried to follow the instructions in SOL15702: SSLv3 vulnerability CVE-2014-3566 to disable SSLv3 for the Configuration Utility (BIG-IP v11.6.0).&nbsp;
Changing, i.e. removing SSLv3, by appending ":!SSLv3" or ":-SSLv3" to the ciphersuite led to my Firefox (v33) giving the following error:&nbsp;
"An error occurred during a connection to example.com. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)"&nbsp;
and I could no longer connect to the CU. I have since reversed the change.&nbsp;
After looking into "/etc/httpd/conf.d/ssl.conf", I have found that it seems that what should be changed is "SSLProtocol" rather than "SSLCipherSuite".&nbsp;

jg · Answer

I have just seen this one: CVE-2014-3566: Removing SSLv3 from BIG-IP, which is right!&nbsp;

jg · Answer

I have found that SOL15702 has since been updated with correct information.&nbsp;

F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Disabling SSLv3 for Configuration Utility.

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

can't access on prem dns when using F5LTM as a gateway

Issue with TLS Version 1.1 Deprecated Protocol

Service discovery is not happening in AS3

Load balanced RDP VIP use in APM

Deleting an AS3 Tenant

Related Content

configuration utility restarting (upgrade)

Solution for delayed BIG-IP page load of the Configuration utility

BIG-IP Configuration utility vulnerability CVE-2023-38138

wccp configuration for SSL Orchestrator

F5 utilization

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS