Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

HetmanG's avatar
HetmanG
Icon for Nimbostratus rankNimbostratus
Jan 10, 2024

Enabling ECDHE-ECDSA Ciphers TMOS 15.1.10.x

Hello, To meet security requirements, I am attempting to enable TLS 1.3 as well as turn off insecure ciphers including CBC Ciphers and all other insecure Ciphers.  I built a Cipher Group which inclu...
application delivery
Michael_Saleem's avatar
Michael_Saleem
Icon for MVP rankMVP
Jan 10, 2024

Your NMAP scan will only show ECDSA ciphers if you have an ECDSA SSL certificate terminated on the VIP. I suspect that you are using an RSA SSL certificate, which is why you will only see RSA based ciphers.

whisperer's avatar
whisperer
Icon for MVP rankMVP
Feb 07, 2024

I would markMichael_Saleemreply as the solution here.

ECDSA ciphers require that the server has an ECC certificate. It is likely that you have only a RSA certificate though (which is the common case), which means that ECDSA ciphers will not be supported even if they are configured.