Forum Discussion

Nimbostratus

Nov 30, 2016

How to disable TLSv1.1

HI All, in SSL client ciphers TLSv1 is disabling TLSv1.0 but not TLSv1.1 , Can some one please let me know what should i add to disable TLSv1.1 ?

Nacreous

Nov 30, 2016

You need to use an underscore instead of a dot, for example

DEFAULT:!TLSv1_1

cipher string will work.

You can verify that

:!TLSv1.1

doesn't work by executing the following:

tmm --clientciphers 'DEFAULT:!TLSv1.1'

(BigIP Bash shell).

Kevin_Stewart

Employee

Nov 30, 2016

Good catch. ;)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

How to disable TLSv1.1

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

2026 301a exam

UCS Encryption Question

Unblock Request WAF

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

Related Content

TLSv1.0 and TLSv1.1 disable in Device Certificate

Disable TLSv1.1

Disabling Weak Ciphers

Disable below cipher

iRules: Disabling Event Processing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS