Forum Discussion

Nimbostratus

Sep 21, 2016

TLS SSL Profile question.

I have an ssl Profile that is currently linked to a Virtual Server in our production environment. Under the advanced configuration>Ciphers I see "DEFAULT:!TLSv1". Does this mean that it's using ...

Cumulonimbus

Sep 22, 2016

Hi Mike,

As Kang has said the ! Negates the use of that Cipher Suite in the profile (In this case TLS 1.0).

IF you wanted to use TLS1.2 ONLY, there are option inside the SSL profile to do that.

Note: Different versions of F5 Code include different DEFAULT ciphers. I.e. Prior to 11.5, SSLv3 was included in DEFAULT list, and no-one wants that....

IainThomson85_1

Cumulonimbus

Sep 26, 2016

Hi Mike,

Ideally you want to get a TCPDUMP of the Handshake, analyse in Wireshark as to the exact failure reason.

See what Protocols/Ciphers the server offers, and see if the client can support those.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

TLS SSL Profile question.

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Round-robin method not load balanced

F5 BGP Peering in Active /Standby Cluster

Expired client-certificate

F5 AI Roadmap

Disabling signature for a URL

Related Content

TLS Fingerprinting to profile SSL/TLS clients without decryption

TLS server_name extension based routing without clientssl profile

Load Balancing TCP TLS Encrypted Syslog Messages

SSL Profiles Part 11: TLS Optimization

F5 Server SSL Profile using TLS 1.0 instead of TLS 1.2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS