Forum Discussion

Nimbostratus

Jul 21, 2015

Need to configure specific Cipher "AES256-SHA256" in server SSL profile

Hi, Please if someone can guide me as to how to configure specific cipher "AES256-SHA256" for server SSL profile. The server side certificate is using "AES256-SHA256" so they want it to use this...

certificate

cipher

ciphers

server-side ssl profile

ssl

Kevin_Stewart

Employee

Jul 21, 2015

I tested "AES256-SHA256" using openssl s_server against the end server.

I think technically you should be using openssl s_client to simulate the BIG-IP's role in communicating with the server. The client (BIG-IP) will send a list of ciphers that it can support to the server in its initial ClientHello message, and the server will pick a cipher from that list. That's generally how it works anyway. So if the client only presents one cipher, and the server supports that cipher, then that's what they will negotiate.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)