Forum Discussion

redadmin1972's avatar
Icon for Altocumulus rankAltocumulus
Dec 19, 2023

TMOS script for updating SSL profile cipher group and TLS versions


With 2024 just around the corner and many organizations aligning with NIST's SP 80052r2 guidelines, I need an efficient way to use TMOS to change my SSL profile settings. I have reviewed previous posts that go over the SSL profile creation process via TMOS, but I would like to edit my current existing profiles to be compliant with security policies. 

For example, let's say I have two SSL profiles test.com_sslprofile and test.org_sslprofile, and currently they use the f5-secure cipher group and have TLS 1.0, 1.1, 1.2 enabled and TLS 1.3 disabled. Do you know of any TMOS commands that I can use to update these SSL profiles to new settings that use the new_secure_cipher_group and disable TLS 1.0 and 1.1 and enable TLS 1.3? 

Thank you.

2 Replies