For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

David_G__33241's avatar
David_G__33241
Icon for Nimbostratus rankNimbostratus
May 26, 2015

Edge Client Cipher Suite

When a SSL client profile is created, you have the ability to define the ciphers that you want the client to be able to use. The DEFAULT suite uses TLS 1.0, 1.1 and 1.2.   On my workstation (Cont...
BIG-IP Access Policy Manager (APM)
security
Steve_M__153836's avatar
Steve_M__153836
Icon for Nimbostratus rankNimbostratus
May 26, 2015

Each browser is going to have its own cipher suite preference. Someone else posted this link in a thread I can't remember, but it will tell you what your browser's cipher suite order is: https://cc.dcsec.uni-hannover.de/. Changing something in Windows might override IE from a client perspective, or customize what IIS will present. However, each browser is going to have its own cipher suite order. I think modern browsers will also always try TLS 1.2 first, but I'm not sure about that.

 

Steve_M__153836's avatar
Steve_M__153836
Icon for Nimbostratus rankNimbostratus
May 26, 2015
Couln't find much documentation for this, but you could try turning on verbose logging for the client and see if you get anything useful in the logs. http://support.f5.com/kb/en-us/solutions/public/12000/600/sol12639.html?sr=45847447