DanielA0501
Aug 20, 2020Nimbostratus
Weak Server Signature Algorithm
Our security team is running scans across our applications and one of the things they have been requesting recently involves weak server signature algorithms. They are seeing the following as enabled on the F5:
rsa_pkcs1_sha1
rsa_pkcs1_sha224
I have been doing some research and see that this can be handled through cipher rules in version 14, but we are running versions 12.1.5.2 and 13.1.3.4 and not ready to upgrade to version 14. Is this possible to handle in versions 12 and 13? Thank you.