Forum Discussion

smp_86112's avatar
smp_86112
Icon for Cirrostratus rankCirrostratus
Aug 10, 2010

Specifying Ciphers in Client SSL Profiles

We just encountered a situation where (we believe) upgrading to 10.2.0 broke SSL connections for particular clients. According to the 10.2 release notes, MD5 ciphers were taken out of the default SSL ...
config
design
smp_86112's avatar
smp_86112
Icon for Cirrostratus rankCirrostratus
Aug 12, 2010
Hi Moo, yes you are right. However http://support.f5.com/kb/en-us/solu...10262.html contradicts that statement:

 

 

SOL11624: Change in Behavior: The default BIG-IP SSL profiles no longer include DES-CBC-SHA *** and ciphers containing the MD5 hash ***.

 

 

Based on what I saw in my testing, SOL11624 is correct and SOL10262 is incorrect. I have posted to the Documentation forum to get clarification: http://devcentral.f5.com/Community/...fault.aspx

 

 

Thanks for another nice reference - I hate the openssl command...