Forum Discussion

Nimbostratus

Aug 06, 2015

iRule to log SSL cipher version

Hi all, I need to know which of the following iRules would log, Requested Ciphers Agreed Cipher the fact that a cipher was not agreed, so connection was not allowed. iRule 1: when CL...

Employee

Aug 06, 2015

Technically all of these will have access to the agreed upon cipher and version, though semantically only the CLIENTSSL_HANDSHAKE and HTTP_REQUEST events should have the "chosen" cipher. The CLIENTSSL_HANDSHAKE event will only fire once per SSL handshake, while the HTTP_REQUEST event will fire repeatedly throughout the HTTP application.

When you say "requested ciphers", do you really need to see all of the ciphers that the client presents? That is usually a pretty large list. You'd also need to collect this information in a layer 4 (TCP) event.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to log SSL cipher version

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

Cipher Suite Practices and Pitfalls

Future-Proofing Your Network: Enabling Quantum Ciphers on F5 BIG-IP TMOS 17.5.1

LTM Cipher rule

Recommended Version

Disable below cipher

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS