Forum Discussion
Joe_M
Mar 10, 2015Nimbostratus
I am quite familiar with all of those documents. That is precisely how I have put together my cipher string. Here it is, nothing weak is in there.
ECDHE:AES-GCM+RSA:DHE:AES+RSA:!DTLSv1:!RC4:!3DES:!SSLv3:!LOW:@STRENGTH:+TLSv1_1:+TLSv1
This has NOTHING to do with the cipher itself! It has to do with (from what I can tell) the Diffe-Hellman parameters that don't appear to be configurable on the F5.
https://wiki.openssl.org/index.php/Diffie-Hellman_parameters