SSL Profiles Part 4: Cipher Suites

Introduction This is part 4 in a series of articles covering the BIG-IP LTM SSL profiles. SSL Overview and Handshake SSL Certificates Certificate Chain Implementation Cipher Suites SSL ...
Updated Mar 25, 2023
Version 2.0
LTM
security
series-the-ssl-profile
ssl
tech tip
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
JRahm's avatar
Icon for Admin rankAdmin
Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.
View Profile
Beinhard_8950's avatar
Beinhard_8950
Icon for Nimbostratus rankNimbostratus
Dec 17, 2010
Hi Jason,

 

Good post but I´m wondering of some things here.

 

I have always used @strenght in other plattforms (like nortel SSL gateway,etc.) but F5 said before that you shouldn´t use it. Has this changed in 10.2?

 

IMHO it´s better to use the syntax tmm --clientciphers 'xxxx' instead of openssl because you then will see if the ciphers are in compat or native mode.

 

And It´s not the same ciphers if you check these syntax.