Forum Discussion

Cirrus

Jan 12, 2015

Solved

Logic behind F5's Cipher Suite selection from the default Cipher suite

!SSLv3:!SSLv2:AES:ALL:!DH:!ADH:!EDH:!MD5:!EXPORT:!DES:@SPEED (Cipher suite used) The intention is to enable the clients to be able to select AES as their cipher suite. 1.) Now does this AES being con...

Brad_Parker
Jan 12, 2015
We actually use "!EXPORT:!DH:!MD5:!SSLv3:!DTLSv1:ECDHE+AES-GCM:ECDHE+AES:ECDHE+3DES:ECDHE+RSA:RSA+AES-GCM:RSA+AES:RSA+3DES"

James_Thomson

Employee

Jan 12, 2015

This article talks about using @strength as well. I'm guessing you don't want @speed if you want AES to be preferred: https://support.f5.com/kb/en-us/solutions/public/15000/100/sol15194.html

Also refer to https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13171.html

https://support.f5.com/kb/en-us/solutions/public/8000/800/sol8802.html

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)