Forum Discussion
lorenze
Altocumulus
AltocumulusEnable additional ciphers
Hi Folks, I'm fairly new to F5 and was wondering if we can add additional ciphers to through our ssl profiles. Currently we have Big-IP 11.5.4 and for client and server ssl profile we have t...
Dario_Garrido
Noctilucent
NoctilucentHello Lorenze.
Those ciphers should already be included in the Native suite for 11.5.4
REF - https://support.f5.com/csp/article/K13163#11.5.3
Check with this command:
tmm --clientciphers DEFAULTHere you have an example of how to include 'ECDHE_ECDSA' on your SSL profile.
REF - https://support.f5.com/csp/article/K13171#sslcipher
Regards,
Dario.
lorenzeAltocumulus
AltocumulusHello ,
Thank you for your response. I will try to update the cipher string on my client ssl profile to this one:
DEFAULT:!SSLv2:!EXPORT:RSA+AES:RSA+3DES:RSA+RC4:ECDHE+AES:ECDHE+3DES:ECDHE+RC4:ECDHE+ECDSA:ECDHE+AES-GCM:!MD5:!SSLv3
and see if that gives me the cipher that we need. I'll update here on how it goes.
Thanks!
