SSL/TLS use of weak RC4 cipher

Question

Can some one help me please to correct this vulnérablitty 
 i try to the changing cipher  string for the SSL profile associeted with VS   in my asm version 11.4.1 hostfix4 with  :!SSLv3:RC4-SHA . 
 but still vulnerability persist&nbsp;
Thanks&nbsp;

nathe · Answer

Does:!SSLv3:!RC4 help?&nbsp;
N&nbsp;

afedden_1985 · Answer

if YOUR ASKING ABOUT THE MANAGEMENT INTERFACE THIS MIGHT WORK AND I USE IT ON MY LTMS.
this string seems to be good and only supports TLS1.2 ciphers .  &nbsp;

modify sys httpd ssl-ciphersuite NONE:DHE-RSA-AES256-SHA:AES256-SHA
Save sys config&nbsp;

hannes_rapp · Answer

!SSLv3:RC4-SHA - What this means? Do not permit a combination of SSLv3 and RC4-SHA cipher suite. This does not tell that RC4-SHA is prohibited for TLS1.0, TLS1.1 or TLS1.2. That's why your issue prevails.

max_q_factor · Answer

Maybe you can review this article that talks about what an affective cipher list looks like -  &nbsp;
SSL cipher settings  &nbsp;
Or this solution article on how to view the affective cipher suite lists on the BIG-IP:&nbsp;
SOL15194: Overview of the BIG-IP SSL/TLS cipher suite&nbsp;
Or this article:&nbsp;
SOL13171: Configuring the cipher strength for SSL profiles (11.x)  &nbsp;

Forum Discussion

SSL/TLS use of weak RC4 cipher

4 Replies

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Block specific URL's in APM

Sizing calculation storage

Upgrading vCMP guest

API Pre-Authentication

Pre & Post validation of F5 configuration

Related Content

Disabling Weak Ciphers

Disabling Specific Weak Cipher Suites

TLS Fingerprinting to profile SSL/TLS clients without decryption

Lightboard Lessons: Choosing Strong vs Weak Ciphers

How to disable weak cipher from Client SSL Profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS