Forum Discussion

Icon for Nimbostratus rank

Nimbostratus

Mar 12, 2019

Why we need SSLCIPHER irule ?

Hi Team ,

Can you please help me understand the use of below sslcipher irule which is applied to 443 vip .How this will work ?

ltm rule SSLCIPHER {

when HTTP_REQUEST {

HTTP::header insert SSLClientCipher [SSL::cipher name],\x20version=[SSL::cipher version],\x20bits=[SSL::cipher bits]

}

}

application delivery

1 Reply

RossVermette
Nimbostratus
Mar 12, 2019
The F5 will insert a new HTTP Header to the back end node. You should see in the packet:

SSLClientCipher EDH-RSA-DES-CBC3-SHA, version=TLS1.2|TLS1.1|TLS1.0|SSLv3, bits=256|128|40

You can use this info to analyse what your clients are using to connect in via your webserver logs.(Assuming you parse and log that http header in your w3c logs)

Welcome! a la Communidad DevCentral LATAM de F5!

LATAM Users Articles

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5