Hi All,
I've just been scanned on a ITHC, it's identied that the config utility is allowing TLS 1.0 and 1.1 to still be negotiated.
Is there a way i can set the web service on the config util to only allow TLS 1.2 and 1.3 or even just 1.3?
Thanks
Fletch
Hello,
For the F5 management (F5 GUI and SSH), check out the below articles:
https://support.f5.com/csp/article/K40232071
https://support.f5.com/csp/article/K22426638
For SSL profiles for services published through F5, check the below:
https://support.f5.com/csp/article/K31320003
https://support.f5.com/csp/article/K33000012
Thanks, i've done it for services before.
it's the gui side. Do i need to run both of those KB's or is this one https://support.f5.com/csp/article/K40232071 enough?
it looks like it does the same and a little more as it covers or can cover ciphers.
Thanks for the quick responce!
MVPYou're correct, they will have the same impact. You don't need to run them both.
Regarding TLSv1.3 , BIG-IP version prior to 17.0 don't support in on the configuration utiity.
