Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Enable TLS 1.3 and Disable DH group

SolarJeans
Cirrus
Cirrus

Hello Experts,

I have a task need to enable TLS 1.3 and disable DH group.

To enable TLS 1.3, I can use cipher group to do by this link https://my.f5.com/manage/s/article/K10251520

To disable DH, I can use DEFAULT:!DH

But how to do this together?

1 ACCEPTED SOLUTION
3 REPLIES 3

Paulius
MVP
MVP

@SolarJeans This link should assist you in creating the appropriate custom cipher group.

https://techdocs.f5.com/en-us/bigip-15-0-0/big-ip-ltm-configuring-custom-cipher-string-for-ssl-negot...

Hello,

Yes, I try to create custom cipher rule and custom cipher group and issue fixed. Thanks a lot.

Samir
MVP
MVP

You can try something like this to enable tls1.3 and disable DHE

DEFAULT:TLSV1_3:!DHE