Forum Discussion

Nimbostratus

Jul 21, 2015

Need to configure specific Cipher "AES256-SHA256" in server SSL profile

Hi, Please if someone can guide me as to how to configure specific cipher "AES256-SHA256" for server SSL profile. The server side certificate is using "AES256-SHA256" so they want it to use this...

certificate

cipher

ciphers

server-side ssl profile

ssl

Kevin_Stewart

Employee

Jul 21, 2015

I tested "AES256-SHA256" using openssl s_server against the end server.

I think technically you should be using openssl s_client to simulate the BIG-IP's role in communicating with the server. The client (BIG-IP) will send a list of ciphers that it can support to the server in its initial ClientHello message, and the server will pick a cipher from that list. That's generally how it works anyway. So if the client only presents one cipher, and the server supports that cipher, then that's what they will negotiate.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Need to configure specific Cipher "AES256-SHA256" in server SSL profile

Recent Discussions

INFORM: Entrust CA will be untrusted in Chrome after Oct 31, 2024

Can BIG-IP DNS recursion only my domain?

CPU data, control and analytics plane utilization

Can import iSeries 4000 config (OS ver 1.3.x) to rSeries 5000 (f5os-a 1.5.2)?

Datagroup with address and value

Related Content

Certificate Expiry Email alert configuration

F5 BIG-IP SSL Orchestrator Configuration with Advanced WAFaaS

check the utilization on specific node

Load balancing method specific decision

Re: LTM SYN Cookie Configuration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS