For version 11.6.1, sslv3 not in default SSL profile

Question

For version 11.6.1, sslv3 not in default SSL profiles. Is there any bug id related to the same. while we upgrade the f5 ltm to version 11.6.1 we found sslv3 is not disabled by default, we explicitly disabled the sslv3. Please suggest.

kevin_stewart · Answer

Please see this: SOL15022: SSLv3 protocol is disabled in the DEFAULT SSL ciphers&nbsp;
And for more information about what's in the DEFAULT stack across versions: SOL13156: SSL ciphers used in the default SSL profiles (11.x - 12.x)&nbsp;

iainthomson85_1 · Answer

Your post is a little contradictory - it suggests that you expected that SSLv3 to be disabled in 11.6.1 in the DEFAULT Cipher string (As would I...) However when you upgraded you found it was enabled?&nbsp;
Have you verified this by viewing the SSL Cipher String DEFAULT post upgrade?&nbsp;

purna_256577 · Answer

SSLv3 should disabled by default as per SOL15022, But it is not disabled in our case. We manually disabled the SSLv3 in version 11.6.1. My query is this is a expected behavior or any bug related to it.

kevin_stewart · Answer

Something might have carried over from the upgrade. Can you look at the DEFAULT stack and see what it says?
tmm --clientciphers DEFAULT

Forum Discussion

For version 11.6.1, sslv3 not in default SSL profile

4 Replies

Bram - January 2026 Featured Member

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

AWS F5_OWASP Managed Rule Blocking requests

F5OS VLAN naming length restrictions

How can I measure Advanced WAF (ASM) throughput on a running BIG-IP VE (per VIP / per policy)?

Maintenance page / local website that includes subfolders

VIPRION B2250 to VELOS CX410 and BIG-IPr10900 migration

Related Content

Recommended Version

TMOS Version Update Paths

Multiple Default Gateways

BIGdiff Version 2

Set HTTP version

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS