Forum Discussion

Nimbostratus

Apr 26, 2014

SSLLabs A+, F5 LTM 11.4

We are testing a configuration to achieve an A+ grade on the SSLLabs.com server test. The "DEFAULT" ciphers is documented in sol13156 and sol13171. DEFAULT = NATIVE:!MD5:!EXPORT:!DES:!DHE:...

Cirrus

Aug 20, 2014

I personally use those ciphers (11.5+) :

DEFAULT:!RC4:ECDHE:AES-GCM:!AES128-GCM-SHA256:!AES256-GCM-SHA384:!ADH-AES256-GCM-SHA384:!ADH-AES128-GCM-SHA256:!AES256-SHA256:!AES256-SHA:@STRENGTH

I disable Renegociation on Client SSL Profile

and add HSTS irule using an irule

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSLLabs A+, F5 LTM 11.4

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

The GSLB pool is providing an incorrect IP to end users

iRule causing requests to be duplicated (sometimes)

Cisco TACACS+ Config on ISE LTM Pair

Related Content

SSL Ciphers (SSLLabs) Warning

Just Announced! Attend a lab and receive a Raspberry Pi

Building a lab using Proxmox

How to move a BIG-IP VE license

Create a DevCentral account

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS