Forum Discussion
How to set top priority for TLS 1.2 protocol over TLS 1.0 for client ciphers in BIG-IP v11.6.x
Problem: The F5 (version 11.6.x) establishes a TLS 1.0 connection for a client browser even if protocols TLS 1.2 and TLS 1.1 are part of the supported ciphers on both sides (client browser and F5 client-side).
How can I force the F5 to use the highest protocol available? How can I reorder the ciphers/protocols to put TLS 1.2 at the top of the protocol negotiation mechanism? How does the F5 perform the TLS protocol negotiation?
The cipher string: DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:!SSLv3:!DTLSv1
tmm --clientciphers 'DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:!SSLv3:!DTLSv1'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 51 DHE-RSA-AES128-SHA 128 TLS1 Native AES SHA EDH/RSA
1: 51 DHE-RSA-AES128-SHA 128 TLS1.1 Native AES SHA EDH/RSA
2: 51 DHE-RSA-AES128-SHA 128 TLS1.2 Native AES SHA EDH/RSA
3: 57 DHE-RSA-AES256-SHA 256 TLS1 Native AES SHA EDH/RSA
4: 57 DHE-RSA-AES256-SHA 256 TLS1.1 Native AES SHA EDH/RSA
5: 57 DHE-RSA-AES256-SHA 256 TLS1.2 Native AES SHA EDH/RSA
The client browser is Safari 11.1 (the latest version at time of writing).
2 Replies
- nathe
Cirrocumulus
Ghislaine, have you seen this solution: "Configure the cipher strength of SSL profiles"?
It suggests adding @strength at the end of the cipher string.
Hope this helps
N
- StephanManthey
Nacreous
Hi Ghislain,
if it's generally just about ordering by protocol preference, the following cipher string will do it:
DEFAULT:+TLSv1_1:+TLSv1:+DTLSv1
Please check via command line:
tmm --clientciphers 'DEFAULT:+TLSv1_1:+TLSv1:+DTLSv1'
The "+" prefix lowers the preference of the specifier (applies to handshake methods, bulk crypto and message-digest algorithms as well). Back to your specific case it would be the following:
DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:!SSLv3:+TLSv1_1:+TLSv1:!DTLSv1
Verification:
tmm --clientciphers 'DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:!SSLv3:+TLSv1_1:+TLSv1:!DTLSv1'
ID SUITE BITS PROT METHOD CIPHER MAC KEYX
0: 51 DHE-RSA-AES128-SHA 128 TLS1.2 Native AES SHA EDH/RSA
1: 57 DHE-RSA-AES256-SHA 256 TLS1.2 Native AES SHA EDH/RSA
2: 51 DHE-RSA-AES128-SHA 128 TLS1.1 Native AES SHA EDH/RSA
3: 57 DHE-RSA-AES256-SHA 256 TLS1.1 Native AES SHA EDH/RSA
4: 51 DHE-RSA-AES128-SHA 128 TLS1 Native AES SHA EDH/RSA
5: 57 DHE-RSA-AES256-SHA 256 TLS1 Native AES SHA EDH/RSA
In a previous post ("TMOS SSL TLS Cipher Cheat Sheet") I tried to summarize the different approaches for cipher specification including aliases and keywords.
Cheers, Stephan
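To make the "+" behaviour in Stephan's answer concrete, here is an added Python model (example code, not F5's tmm and not part of the thread) that expands suite names over protocol versions and applies "!" (remove) and "+" (move to the end of the list) the way the two tmm outputs above suggest; it reproduces both orderings. The protocol expansion order, the alias names in ALIASES and the duplicate handling are assumptions; DEFAULT, @strength and the cipher/MAC/key-exchange specifiers are not modelled.

```python
# Added example (not F5's code or the thread's): a toy model of how an
# OpenSSL-style cipher string is evaluated, enough to reproduce the
# tmm --clientciphers orderings shown in the thread.  Assumptions: a bare
# suite name expands to one entry per protocol version in PROTOCOLS; "!"
# removes the matching entries for good; "+" moves them to the end of the
# current list (lowering preference) while keeping their relative order.
# Only the protocol aliases listed in ALIASES are understood.
from dataclasses import dataclass

PROTOCOLS = ["SSLv3", "TLS1", "TLS1.1", "TLS1.2", "DTLSv1"]  # assumed expansion order
ALIASES = {"SSLv3": "SSLv3", "TLSv1": "TLS1", "TLSv1_1": "TLS1.1",
           "TLSv1_2": "TLS1.2", "DTLSv1": "DTLSv1"}


@dataclass(frozen=True)
class Entry:
    suite: str
    protocol: str


def expand(cipher_string: str) -> list[Entry]:
    """Evaluate specifiers left to right and return the resulting preference list."""
    entries: list[Entry] = []
    for spec in cipher_string.split(":"):
        if not spec:
            continue
        if spec[0] in "!+":
            proto = ALIASES.get(spec[1:])
            if proto is None:
                raise ValueError(f"unsupported specifier in this model: {spec}")
            matched = [e for e in entries if e.protocol == proto]
            kept = [e for e in entries if e.protocol != proto]
            # "!" drops the matches; "+" re-appends them after everything else.
            entries = kept if spec[0] == "!" else kept + matched
        else:
            # A suite name: append it for every protocol version, skipping duplicates.
            for proto in PROTOCOLS:
                entry = Entry(spec, proto)
                if entry not in entries:
                    entries.append(entry)
    return entries


def protocol_order(cipher_string: str) -> list[str]:
    """Protocol versions in the order they appear in the list (first is preferred)."""
    seen: list[str] = []
    for e in expand(cipher_string):
        if e.protocol not in seen:
            seen.append(e.protocol)
    return seen


if __name__ == "__main__":
    fixed = "DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:!SSLv3:+TLSv1_1:+TLSv1:!DTLSv1"
    for i, e in enumerate(expand(fixed)):
        print(f"{i}: {e.suite} {e.protocol}")
```

Running it prints the six entries in the same order as the verification output above (TLS1.2 first, then TLS1.1, then TLS1), and protocol_order() shows at a glance whether TLS1.2 is preferred.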