Forum Discussion

Nimbostratus

May 21, 2018

Solved

SSL Ciphers (SSLLabs) Warning

Hi everyoe, I ran a test SSL over an web application and received various warnings about weak cipher. How can i close this ciphers protocols? TLS1.2: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x9d)...

BIG-IP

LTM

security

Samir_Jha_52506
May 22, 2018
Disable below cipher in-order to eliminate weak cipher list. I have tested in LAB and all weak cipher gone. Suggest you to test in LAB environment and share feedback. Most important thing, don't play with default client-ssl profile.

Disable below ciphers to eliminate weak TLS cipher.

TLS1.2

AES256-GCM-SHA384 AES256-SHA256 AES256-SHA DHE-RSA-CAMELLIA256-SHA CAMELLIA256-SHA

TLS 1.1

AES256-SHA DHE-RSA-CAMELLIA256-SHA CAMELLIA256-SHA

Share your feedback.

Samir_Jha_52506

Noctilucent

Disable below cipher in-order to eliminate weak cipher list. I have tested in LAB and all weak cipher gone. Suggest you to test in LAB environment and share feedback. Most important thing, don't play with default client-ssl profile.

Disable below ciphers to eliminate weak TLS cipher.

TLS1.2

    AES256-GCM-SHA384
    AES256-SHA256
    AES256-SHA
    DHE-RSA-CAMELLIA256-SHA
    CAMELLIA256-SHA

TLS 1.1

    AES256-SHA
    DHE-RSA-CAMELLIA256-SHA
    CAMELLIA256-SHA

Share your feedback.

Samir_Jha_52506

Noctilucent

May 22, 2018

use in beginning to disable cipher. See the below example

example

 DEFAULT:!AES256-SHA:!DHE-RSA-CAMELLIA256-SHA:!CAMELLIA256-SHA

Forum Discussion

SSL Ciphers (SSLLabs) Warning

Recent Discussions

security patch release

redirect not working

Reliable resources for identifying IP addresses

Could not connect to SMTP host.

Viprion files on blades.

Related Content

Cipher suite mismatch advertisement/warning

Cipher Suites Supported (12.1.5.3)

LTM Cipher rule

Cipher Suite Practices and Pitfalls

Disabling Weak Ciphers