F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

SSL Labs Best Case Grades for Older TMOS Versions

Aspiring for that A+ rating on Qualys SSL Labs? F5er Brandon Frelich went to work to determine the best case scenarios for older versions of TMOS. Quite an engaging project, hopefully you enjoy readi...

Published Mar 16, 2016

Version 1.0

Admin

Christ Follower, Husband, Father, Technologist. I love community and I especially love THIS community. My background is networking, but I've dabbled in all the F5 iStuff, I'm a recovering Perl guy, and am very much a python enthusiast. Learning alongside all of you in this accelerating industry toward modern apps and architectures.

View Profile

BAMcHenry

Ret. Employee

Mar 17, 2016

@Simon, I haven't read about any practical attacks against RSA 2048-bit keys. Given the performance cost is 5x, it's not that slight depending on your current load and hardware. Personally, I think effort is better spent in using only PFS ciphers, rather than investing deeply in 4096-bit keys. Wondering what's driving your adoption of 4096-bit beyond typical security paranoia. ;)

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

SSL Labs Best Case Grades for Older TMOS Versions

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS