Forum Discussion
JD_Tomzak
Jan 14, 2020Cirrus
Irule to help root out TLS 1.0 and 1.1 connecting clients?
Hello, I've been asked to assist the dev team in removing TLS 1.0 and 1.1 from our internet facing applications. In order to figure out what clients are still accessing at this level I've been ...
iaine
Jan 15, 2020Nacreous
Hi
Something like this could be a good starting point.
when HTTP_REQUEST {
if {([SSL::cipher version] == "TLSv1.1") || ([SSL::cipher version] == "TLSv1.0")}{
log local0. "Client [IP::local_addr] is accessing [HTTP::uri] with [SSL::cipher version]"
}
}
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects