Forum Discussion

Nimbostratus

Sep 10, 2015

Need help in setting strong Cipher string

Hello, We have a request to set cipher suite on F5 LBs that includes following. Can someone suggest correct string that should be used to achieve this ? Also let me know if it can be set to all ...

IheartF5_45022

Nacreous

Sep 10, 2015

The very first q to ask is - what version are you running? Are you trying to influence the ciphers used by TMM clientssl/serverssl? Or the ciphers used by the management GUI? What you've listed is the ciphers used by management GUI, not TMM SSL profiles

The short answer for the TMM profile can be found here http://mikeboylan.com/2014/05/02/f5-perfect-forward-secrecy/. I'm pretty sure that this will cover most if not all your requirements. Just add !RC4 onto the end of the string he gives.

You'll also want to order a SHA-2 SSL certificate to meet that requirement. All the major CAs issue these now.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Need help in setting strong Cipher string

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

F5 Big-IP Trust Internal CA Chain certificates for Web Servers

XC - geo LB to the origin servers

Floating Ip Problem

F5 rSeries || Upgrade tenant

Expired client-certificate

Related Content

Strong Authentication

Lightboard Lessons: Choosing Strong vs Weak Ciphers

Cipher Suite Practices and Pitfalls

Future-Proofing Your Network: Enabling Quantum Ciphers on F5 BIG-IP TMOS 17.5.1

Troubleshooting Kerberos Constrained Delegation: Strong Encryption Types Allowed for Kerberos

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS