Forum Discussion
SSL Ciphers (SSLLabs) Warning
- May 22, 2018
Disable below cipher in-order to eliminate weak cipher list. I have tested in LAB and all weak cipher gone. Suggest you to test in LAB environment and share feedback. Most important thing, don't play with default client-ssl profile.
Disable below ciphers to eliminate weak TLS cipher.
TLS1.2
AES256-GCM-SHA384 AES256-SHA256 AES256-SHA DHE-RSA-CAMELLIA256-SHA CAMELLIA256-SHA
TLS 1.1
AES256-SHA DHE-RSA-CAMELLIA256-SHA CAMELLIA256-SHA
Share your feedback.
Disable below cipher in-order to eliminate weak cipher list. I have tested in LAB and all weak cipher gone. Suggest you to test in LAB environment and share feedback. Most important thing, don't play with default client-ssl profile.
Disable below ciphers to eliminate weak TLS cipher.
TLS1.2
AES256-GCM-SHA384
AES256-SHA256
AES256-SHA
DHE-RSA-CAMELLIA256-SHA
CAMELLIA256-SHA
TLS 1.1
AES256-SHA
DHE-RSA-CAMELLIA256-SHA
CAMELLIA256-SHA
Share your feedback.
!
use in beginning to disable cipher. See the below example
example
DEFAULT:!AES256-SHA:!DHE-RSA-CAMELLIA256-SHA:!CAMELLIA256-SHA
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com