Checking on ciphers for ssl profile

Question

I try to run the following command tmm -serverciphers but i don't seem to get any return results. In the ssl profile the cipher is set as "TLSv1_2:!3DES:!DES:!RC4"&nbsp;[admin@Node-01:Active:Changes Pending] ~ # tmm --serverciphers certificate_ECDHE_NoTLSv1_No3DES_clientssl&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ID&nbsp;SUITE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;BITS PROT&nbsp;&nbsp;&nbsp;CIPHER&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;MAC&nbsp;&nbsp;&nbsp;&nbsp;KEYX[admin@Node-01:Active:Changes Pending] ~ #&nbsp;

samir · Answer

you need to be very specific while displaying client or server ciphers. Example:  For default you use this             tmm --clientciphers DEFAULTtmm --clientciphers &lt;Client_Ciphers&gt;
tmm --clientciphers 'DEFAULT:!TLSv1'
&nbsp;
tmm --serverciphers &lt;cipher suite&gt;
tmm --serverciphers 'ECDHE-RSA-AES256-CBC-SHA'https://support.f5.com/csp/article/K13163Hope it will help you

Forum Discussion

Checking on ciphers for ssl profile

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Cipher Suites Supported (12.1.5.3)

TMOS script for updating SSL profile cipher group and TLS versions

Disabling Weak Ciphers

Bash script to check if you have a SIP profile attached to a Virtual Server (CVE-2023-22842)

Cipher suite mismatch advertisement/warning