Forum Discussion

Altostratus

Oct 03, 2018

Solved

How to disable weak cipher from Client SSL Profile

Hi, We have disabled few ciphers and we have rating "A" in qualys ssl checker portal. We have a requirement to disable weak ciphers as well. Could some one advice how to disable weak ciphers. Pl...

ASM Advanced WAF

security

Lokesh_R_365525
Oct 03, 2018
By using DEFAULT:@STRENGTH command you can preferred the ciphers to use only Strength.

ka1021_129079

Altocumulus

Oct 03, 2018

Hi Sriram,

Your can disable weak ciphers by putting following cipher string in clientssl_profile Local Traffic ›› Profiles : SSL : Client >> Ciphers (Cipher String) DEFAULT:!RSA:!DES:!3DES:!DHE

Also have a look at below KB articles: For 11.x - https://support.f5.com/csp/article/K13171 For 12.x - https://support.f5.com/csp/article/K13170

Regards, Kaustubh

ka1021_129079

Altocumulus

Oct 04, 2018

Ok, thanks for update Sriram. Good to know that you got the solution.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)