Expected Results for changing a Cipher Suite

Question

I'm working on removing tlsv1 tlsv1_1 from the available ciphers on all connections.  In the past I've done this, on the fly, with no notice by users but with a recent change I had issues with a couple applications.   
&nbsp;
Before I assume the applications require these ciphers I want to ask, what should I expect to see when removing ciphers?  If I remove a cipher, at any given moment there are 2000 sessions.&nbsp;
Is it expected that connections currently using those ciphers would break, users could see temporary service interruption?&nbsp;
One of the apps that I had an issue with is ActiveSync.&nbsp;

kevin_stewart · Answer

Any existing sessions will remain after you make the profile change. But renegotiations and new SSL sessions will take the new settings.&nbsp;

Forum Discussion

Expected Results for changing a Cipher Suite

Recent Discussions

Diameter iRules attachment?

Source IP F5 DNS Zone Forwarder

F5 BIG-IP

BIG-IP Oauth Client and AS

How to Renew F5 Device Certificate

Related Content

IBM and F5: Aligning results with expectations

iRule URI Matching Not Working as expected.

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Example Expect Script

iRules variables in BIG-IP Next: behavior change

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS