Forum Discussion

Employee

Jan 05, 2018

ECDSA only clientssl profiles

Hi, Does someone know if it is planned to support clientssl profiles with only ECDSA keys? I think is not useful to require RSA keys as pretty much any modern browser support these type o keys ...

Nimbostratus

Jan 05, 2018

Check this with product developers. You have the privilege to sit on the table of one of your comrades and harass them directly. You can also go the official route and open a RFE but that won't be nearly as effective :)

Hopefully there will be an option in BigIP 14. But I'm afraid that for a while, things will get more complex. As RSA is being phased out but not completely dead, a backup option is just as important. A dual-setup would make sense - link to ECDSA private key as recommended default, and RSA private key as optional backup for legacy clients.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ECDSA only clientssl profiles

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Capture Virtual Server Clientssl Profile & Ciphers Mapping - Bash

TLS server_name extension based routing without clientssl profile

limit to number of clientssl profiles

Make a copy of all existing clientssl profiles requiring TLS1.2

BASH Script to find ClientSSL's mapped to Virtual Servers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS