F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

chethan_181144's avatar
chethan_181144
Icon for Nimbostratus rankNimbostratus
Mar 06, 2019
Solved

SSL client profile with no TLSv1 , No SSLV2 & No SSLv3 ?

what will be the impact when we configure SSL client profile with No TLSv1 , No SSLV2 & No SSLv3 under Options ?   How this will work ? Why will we use this options and in which scenario we use ...
application delivery
LTM
TMSH
  • Dylan_375544's avatar
    Dylan_375544
    Mar 06, 2019

    Basically no one will be able to negotiate an SSL connection with your VIP, if it doesn't accept any of the most common SSL protocols.

     

Dylan_375544's avatar
Dylan_375544
Icon for Cirrocumulus rankCirrocumulus
Mar 06, 2019

Basically no one will be able to negotiate an SSL connection with your VIP, if it doesn't accept any of the most common SSL protocols.

 

  • Blue_whale's avatar
    Blue_whale
    Icon for Cirrocumulus rankCirrocumulus
    Mar 06, 2019

    So does it mean it will work only for the client whose browser support TLv2 ( Since TLSv2 is only enabled in the SSL profile )

     

  • Dylan_375544's avatar
    Dylan_375544
    Icon for Cirrocumulus rankCirrocumulus
    Mar 06, 2019

    If TLS v1.2 is enabled and is the only one, then yes, only clients whose browsers support TLS v1.2 will be able to negotiate a connection.

     

  • Dylan_375544's avatar
    Dylan_375544
    Icon for Cirrocumulus rankCirrocumulus
    Mar 06, 2019

    Hope that ended up helping!

     

    If it did, please up-vote and select that answer, it would be greatly appreciated!