Forum Discussion

aquispe17_31055's avatar
aquispe17_31055
Icon for Nimbostratus rankNimbostratus
May 21, 2018

SSL Ciphers (SSLLabs) Warning

Hi everyoe, I ran a test SSL over an web application and received various warnings about weak cipher. How can i close this ciphers protocols?   TLS1.2:   TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)...
BIG-IP
LTM
security
  • Samir_Jha_52506's avatar
    Samir_Jha_52506
    May 22, 2018

    Disable below cipher in-order to eliminate weak cipher list. I have tested in LAB and all weak cipher gone. Suggest you to test in LAB environment and share feedback. Most important thing, don't play with default client-ssl profile.

    Disable below ciphers to eliminate weak TLS cipher.

    TLS1.2

        AES256-GCM-SHA384
    AES256-SHA256
    AES256-SHA
    DHE-RSA-CAMELLIA256-SHA
    CAMELLIA256-SHA

    TLS 1.1

        AES256-SHA
    DHE-RSA-CAMELLIA256-SHA
    CAMELLIA256-SHA

    Share your feedback.

Samir_Jha_52506's avatar
Samir_Jha_52506
Icon for Noctilucent rankNoctilucent

Disable below cipher in-order to eliminate weak cipher list. I have tested in LAB and all weak cipher gone. Suggest you to test in LAB environment and share feedback. Most important thing, don't play with default client-ssl profile.

Disable below ciphers to eliminate weak TLS cipher.

TLS1.2

    AES256-GCM-SHA384
    AES256-SHA256
    AES256-SHA
    DHE-RSA-CAMELLIA256-SHA
    CAMELLIA256-SHA

TLS 1.1

    AES256-SHA
    DHE-RSA-CAMELLIA256-SHA
    CAMELLIA256-SHA

Share your feedback.

aquispe17_31055's avatar
aquispe17_31055
Icon for Nimbostratus rankNimbostratus
May 22, 2018

HI, What is the expression to disable it?