Forum Discussion

MVP

Feb 07, 2017

HowTo: Getting an awesome Qualys SSL-Labs rating... (Feb 2017 Update)

Hi Folks, I've posted in August 2016 a Client SSL Profile configuration to achive a top notch Qualys SSL-Labs rating. HowTo: Getting an awesome Qualys SSL-Labs rating... https://devcentral.f5.c...

Nimbostratus

Apr 26, 2017

We tend to disable 3DES unless we have a system that absolutely needs it. We usual work with them to upgrade if we can. The ciphers we've been using are:

!SSLv2:!EXPORT:!DHE:!3DES:RSA+AES-GCM:RSA+AES:ECDHE+AES-GCM:ECDHE+AES:!MD5:!SSLv3:!RC4

For easy of entry, you can deny all DHE and all 3DES by just using !DHE and !3DES instead of specifying each one. At least you can on 11.6.0.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

HowTo: Getting an awesome Qualys SSL-Labs rating... (Feb 2017 Update)

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

Achieving an SSL Labs A+ score with F5 products

Security Sidebar: Improving Your SSL Labs Test Grade

Getting Started on DevCentral

Getting Started With n8n For AI Automation

Getting started with F5 Distributed Cloud (XC) Telemetry

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS