Forum Discussion
David_G__33241
Nimbostratus
NimbostratusEdge Client Cipher Suite
When a SSL client profile is created, you have the ability to define the ciphers that you want the client to be able to use. The DEFAULT suite uses TLS 1.0, 1.1 and 1.2.
On my workstation (Cont...
Steve_M__153836Nimbostratus
NimbostratusEach browser is going to have its own cipher suite preference. Someone else posted this link in a thread I can't remember, but it will tell you what your browser's cipher suite order is: https://cc.dcsec.uni-hannover.de/. Changing something in Windows might override IE from a client perspective, or customize what IIS will present. However, each browser is going to have its own cipher suite order. I think modern browsers will also always try TLS 1.2 first, but I'm not sure about that.
David_G__33241Nimbostratus
NimbostratusMy question is about connecting with the Edge Client.
The DEFAULT Cipher Suite supports TLS only. If I disable TLS 1.0, 1.1 and 1.2 in Windows I am unable to establish a connection to the Big-ip using the Edge client - this would imply that the Edge client leverages the Windows security configuration. However, if I enable TLS 1.0 in Windows, then the Edge client DOES connect and it reports the protocol as being TLS 1.2 - this would imply that the cipher suite is built-in the Edge client.
I'm trying to understand the mechanics of this...
