Forum Discussion
aalkhuja_160331
Cirrus
Feb 07, 2017Enable Forward Secrecy
Hi all
How to enable forward secrecy on a specific virtual server?
Thank you
Ammar
Kai_Wilke
MVP
Feb 07, 2017Hi aalkhuja,
as Nathan has pointed out you have to a.) either remove every non PFS enabled algorythms or b.) you have to prioritise the PFS enabled algorythms in your Client-SSL-Profile chipher suite.
You may check out a posting of mine to build a solid chipher suite string to achive a good compatibility (legacy algorythms for Windows XP / IE8 are still supported) while prefering PFS enabled algorythms for the PFS enabled browsers.
HowTo: Getting an awesome Qualys SSL-Labs rating (Feb 2017 Update)
Cheers, Kai
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects