Forum Discussion
How to list all cipher keywords
Can I query from tmos or cli to list all valid cipher keywords? (Not tmm --clientciphers DEFAULT - I just want keywords like !TLSv1 and the like).
If not, is there a list online? I searched the kb, here, & the web with no luck.
Hello Jwlarger
Specifying cipher suites
TMM supports several ways to select groups of ciphers using a short string based on traits of those ciphers. These include the following:
- SSL/TLS version: TLSv1, TLSv1_1, TLSv1_2, SSLv3
- Bulk cipher: RC4, AES, AES-GCM
- Key exchange: ECDHE, DHE (or EDH), RSA
This is not an exhaustive list. Note that although the format is similar to OpenSSL, some strings differ and the results are not always the same. For more information about specifying cipher strings on the BIG-IP system, refer to the articles listed in the following Supplemental Information section
REF - https://support.f5.com/csp/article/K15194
This is the openssl list:
https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
And this is the supplemental info:
https://support.f5.com/csp/article/K01770517
https://support.f5.com/csp/article/K15194
Regards,
Dario.
- jwlargerCirrus
Thank you, but I had this information already. And as you say, "This is not an exhaustive list. "
An exhaustive list is EXACTLY what I'm looking for. F5 must have a list somewhere, either via command or on same arcane url, of ALL acceptable cipher keywords.
- SajidCirrostratus
- jwlargerCirrus
Thanks, Sajid
I was already aware of this article, and have quoted from it extensively for our in-house working aids.
Still, though, no exhaustive list of acceptable cipher keywords.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com