Forum Discussion

Mohanish_169493's avatar
Mohanish_169493
Icon for Nimbostratus rankNimbostratus
Jul 21, 2015

Need to configure specific Cipher "AES256-SHA256" in server SSL profile

Hi,   Please if someone can guide me as to how to configure specific cipher "AES256-SHA256" for server SSL profile. The server side certificate is using "AES256-SHA256" so they want it to use this...
certificate
cipher
ciphers
server-side ssl profile
ssl
SynACk_128568's avatar
SynACk_128568
Icon for Cirrostratus rankCirrostratus
Jul 21, 2015

Hi Mohanish,

 

If you want to configure specific cipher you have to negate everything which is above this cipher .

 

You can check serverside Cipher list with tmm --serverciphers ''

 

  • Mohanish_169493's avatar
    Mohanish_169493
    Icon for Nimbostratus rankNimbostratus
    Jul 21, 2015
    Hi SynAck Thanks a lot for the reply!. I had one more reply. It created the SSL profile. I am yet to test this on Sunday against production environment. The issue is we have certificate using SHA256 on the server end. Now if we are using DEFAULT cipher list in the Server SSL profile its causing issues. So server team wants to use settings in F5 to have specifically SHA256 set. I tested "AES256-SHA256" using openssl s_server against the end server. The connection was successfull. HOwever the Cipher used was still AES256-SHA and not SHA256. Any comments.