Is !SSLv3 the same as No SSLv3 ?

Question

Hi everybody&nbsp;
I've some question about SSL profile.&nbsp;
Is !SSLv3 specify in cipher suite the same as "No SSLv3" option in SSL option?&nbsp;
Thank you very much &nbsp;

rupert_connell_ · Answer

No it is not!&nbsp;
!SSLv3 hard disables the SSLv3 ciphers.
No SSLv3 disables the SSLv3 protocol.&nbsp;
If you set !SSLv3, but not No SSLv3, the client may negotiate SSLv3 as protocol, then not be able to use any ciphers, since you have disabled them!&nbsp;
See here for reference: Cipher Suite Practices and Pitfalls&nbsp;

rupert_connell · Answer

No it is not!&nbsp;
!SSLv3 hard disables the SSLv3 ciphers.
No SSLv3 disables the SSLv3 protocol.&nbsp;
If you set !SSLv3, but not No SSLv3, the client may negotiate SSLv3 as protocol, then not be able to use any ciphers, since you have disabled them!&nbsp;
See here for reference: Cipher Suite Practices and Pitfalls&nbsp;

faruk_aydin · Answer

Yes, It is equivalent.&nbsp;

faruk_aydin · Answer

use : ALL:!SSLv2!SSLv3 and also disable weak ciphers.

boneyard · Answer

this one deserves a few upvotes to make sure it is on top.&nbsp;

Forum Discussion

Is !SSLv3 the same as No SSLv3 ?

6 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

SSL cipher

CPU utilization of F5OS on r2600

F5OS VLAN naming length restrictions

iApps with load ucs Platform-migrate on newer hardware

Raise your hand if you'll be at AppWorld 2026

Related Content

CVE-2014-3566: Removing SSLv3 from BIG-IP

SSLv3 POODLE mitigation recommendations

iRule to stop SSLv3 connections

How much of my traffic is still SSLv3?

CVE-2014-3566: Removing SSLv3 from LineRate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS