Koalan
Oct 01, 2019Cirrus
Strong cipher suite
Hi we are testing a url on sslab test and the current setup on our f5 have these ciphers:
DEFAULT:!SSLv2:!SSLv3:!TLSv1:!RSA:!ECDHE-RSA-AES256-CBC-SHA:!ECDHE-RSA-AES128-CBC-SHA:!ECDHE-RSA-DES-CBC3-SHA:!EXPORT:!DHE+AES-GCM:!DHE+AES:!DHE+3DES:ECDHE+AES-GCM:ECDHE+AES:RSA+AES-GCM:RSA+AES:ECDHE+3DES:RSA+3DES:-MD5:-SSLv3:-RC4
but when we tested it on sslab test, it says:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (
0xc028
) ECDH secp384r1 (eq. 7680 bits RSA) FS WEAK256TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (
0xc027
) ECDH secp384r1 (eq. 7680 bits RSA) FS WEAK128anyone knows how to address this?