Forum Discussion

Nimbostratus

Sep 20, 2017

TLS/1.0, PCI, and a custom message for HTTP response status codes

By June 30, 2018 we would like to turn off TLS/1.0 on all our HTTPS websites, in order to be compliant with PCI requirements. Instead of just turning TLS/1.0 off, we would like to use that time bet...

Cumulonimbus

Jan 25, 2018

Here's a quick and easy one for this situation based on the responses above:

when HTTP_REQUEST {
    switch -exact [SSL::cipher version] {
        "TLSv1.2" {
             do nothing
        }
        "TLSv1.1" {
             do nothing
        } default {
            HTTP::respond 403 content {


Access Denied

    You are using a Web browser that is not secure for accessing confidential information. Please upgrade to the most recent version./font>


} "Content-Type" "text/html" Connection close
            TCP::close
            return
        }
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

TLS/1.0, PCI, and a custom message for HTTP response status codes

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

FIX Message Response

response message be processed by SSLO again?

custom response page for api

Response and blocking page

Response port masking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS