Forum Discussion

Cirrostratus

Apr 28, 2014

Server SSL Profile ciphers

I'm using the following Ciphers string in a server SSL profile on my 11.4.1HF3 LTM: DEFAULT:-TLSv1_1:-TLSv1_2 The resulting ciphers list is this: Active:Changes Pending] ~ tmm --serve...

Noctilucent

what makes the LTM decide to "decide" to use TLS on the serverside of the connection? Is that because the client on the clientside requested to use TLS (which it does), and it is required to maintain the same protocol on both sides?

i understand ltm uses the highest version first. i do not think maintaining the same protocol version is needed.

smp_86112

Cirrostratus

Apr 28, 2014

> i understand ltm uses the highest version first Intuitively this makes sense, but that implies some sort of defined order. And so I would expect the output of the `tmm --serverciphers` command to display the list in that priority, but it doesn't. Perhaps I expect too much.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Server SSL Profile ciphers

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

PCI Cipher Set

changing DEFAULT ciphers v14.x

SSL profile

Ciphers for restricting traffic to TLS1.2

SSL Cipher error in ltm logfile "Cipher XX:Y negotiated is not configured in profile <sslprofilename>"

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS