Security check for F5 URL

Question

Following issues related to F5 URL are observed at multiple places during security scan.&nbsp;
Critical : Insecure Transport: Insufficient Diffie Hellman Strength,  ID 80641927 : https://services-stg-oauth.cummins.com:443/atlasmobile/services?call=AtlasLogin-v3High: Insecure Transport: Weak SSL Protocol,  ID 80641930 : https://services-stg-oauth.cummins.com:443/atlasmobile/services?call=AtlasLogin-v3Medium: Insecure Deployment: OpenSSL , ID 80641928 : https://services-stg-oauth.cummins.com:443/atlasmobile/services?call=AtlasLogin-v3Medium: Insecure Transport: Weak SSL Protocol, ID 80641929 : https://services-stg-oauth.cummins.com:443/atlasmobile/services?call=AtlasLogin-v3
Also review the following SSL check that I ran on SSLLabs.com. Getting a B rating on the same :&nbsp;
https://www.ssllabs.com/ssltest/analyze.html?d=services-stg-oauth.cummins.com&nbsp;
Requesting you to look into this issue and let us know when it can be resolved.&nbsp;

michael_saleem · Answer

Hi,&nbsp;
The SSL labs report indicate you are using weak DH params (1024 bits)&nbsp;
I am assuming that you are terminating SSL on the F5 virtual server. To resolve this in the client SSL profile applied to the virtual server, disable DHE (but keep ECDHE enabled). It would also be a good idea to prioritise ECDHE so that it is at the top of the cipher suite preference order.&nbsp;

Forum Discussion

Security check for F5 URL

Recent Discussions

AS3 Limitations

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

FTP PASV mode to Extended Passive mode

Related Content

Positive Security vs. Negative Security: A Comparison Using F5's Security Portfolio

AppWorld 2025 Security Insights - ADC 3.0, AI Security, and more

Securing Model Serving in Red Hat OpenShift AI (on ROSA) with F5 Distributed Cloud API Security

F5 AI Gateway - Secure, Deliver and Optimize GenAI Apps

HTTP Multipart and Security Implications

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS