Forum Discussion

Nimbostratus

Dec 03, 2014

what are the ssl ciphers supported on F5 and how to block the request which are on old cipher versions.

what are the ssl ciphers supported on F5 and how to block the request which are on old cipher versions? We use various external facing applications and we need to make sure that older / weak ssl ciph...

application delivery

BIG-IP Access Policy Manager (APM)

Cumulonimbus

Dec 03, 2014

Support ciphers are documented at https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html

To give a message to a browser that uses weak encryption, you cannot block the weak encryption in the ssl profile. You must allow the weaker ssl to happen and then use some mechanism(such as an iRule) to send them the message. Because of this, other people I have talked to who want to do this stop because they do not want the weak ssl to complete as it impacts their security audits. It can become difficult to catch all of the possible weak encryptions methods properly. Here is an example that would catch SSLv3 and redirect them to another website with a message.

when HTTP_REQUEST {
    if { [SSL::cipher version] eq "SSLv3" } {
    HTTP::respond 302 Location "http://weakencryption"
    }
}

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

Bram - January 2026 Featured Member

DevCentral News

announcement

event

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

what are the ssl ciphers supported on F5 and how to block the request which are on old cipher versions.

Bram - January 2026 Featured Member

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Questions on Migrating configs from iSeries to RSeries F5s

rSeries Configuration Backup

AST Configuration help

reading Client SSL Profile details via Ansible

Raise your hand if you'll be at AppWorld 2026

Related Content

Cipher Suites Supported (12.1.5.3)

Cipher Suite Practices and Pitfalls

Support and Help for DevCentral and Offline Contact

Future-Proofing Your Network: Enabling Quantum Ciphers on F5 BIG-IP TMOS 17.5.1

LTM Cipher rule

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS