F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Daniel_Varela's avatar
Daniel_Varela
Icon for Employee rankEmployee
Jan 05, 2018

ECDSA only clientssl profiles

Hi,   Does someone know if it is planned to support clientssl profiles with only ECDSA keys? I think is not useful to require RSA keys as pretty much any modern browser support these type o keys ...
application delivery
ciphers
clientssl
ecdsa
LTM
Hannes_Rapp's avatar
Hannes_Rapp
Icon for Nimbostratus rankNimbostratus
Jan 05, 2018

Check this with product developers. You have the privilege to sit on the table of one of your comrades and harass them directly. You can also go the official route and open a RFE but that won't be nearly as effective :)

 

Hopefully there will be an option in BigIP 14. But I'm afraid that for a while, things will get more complex. As RSA is being phased out but not completely dead, a backup option is just as important. A dual-setup would make sense - link to ECDSA private key as recommended default, and RSA private key as optional backup for legacy clients.