Forum Discussion
jwlarger
Cirrus
CirrusHow to list all cipher keywords
Can I query from tmos or cli to list all valid cipher keywords? (Not tmm --clientciphers DEFAULT - I just want keywords like !TLSv1 and the like).
If not, is there a list online? I searched the kb, here, & the web with no luck.
SajidCirrostratus
jwlargerThanks, Sajid
I was already aware of this article, and have quoted from it extensively for our in-house working aids.
Still, though, no exhaustive list of acceptable cipher keywords.
Hello Jwlarger
Specifying cipher suites
TMM supports several ways to select groups of ciphers using a short string based on traits of those ciphers. These include the following:
- SSL/TLS version: TLSv1, TLSv1_1, TLSv1_2, SSLv3
- Bulk cipher: RC4, AES, AES-GCM
- Key exchange: ECDHE, DHE (or EDH), RSA
This is not an exhaustive list. Note that although the format is similar to OpenSSL, some strings differ and the results are not always the same. For more information about specifying cipher strings on the BIG-IP system, refer to the articles listed in the following Supplemental Information section
REF - https://support.f5.com/csp/article/K15194
This is the openssl list:
https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
And this is the supplemental info:
https://support.f5.com/csp/article/K01770517
https://support.f5.com/csp/article/K15194
Regards,
Dario.
- jwlarger
Thank you, but I had this information already. And as you say, "This is not an exhaustive list. "
An exhaustive list is EXACTLY what I'm looking for. F5 must have a list somewhere, either via command or on same arcane url, of ALL acceptable cipher keywords.
