DES-CBC3-SHA listed as 192 bits but SSL Labs reports as 112 bit
In the table here under the BIG-IP 11.5.0 - 11.5.2 section it lists the DES-CBC3-SHA ciphers as 192 bits. However a SSL Labs scan will report the following: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0xa)112 [bits] I'm not a crypto-nerd but if I read this explanation correctly that particular cipher has an effective security of 112 bits but if the encryption is achieved by using 3 56 bit keys (3 X 56 = 168) why is F5 reporting 192 bits?
How to force LTM to return TLS_RSA_WITH_RC4_128_SHA as ciphers string in a SSL client profile
Hi There, After upgrading LTM from 11.3 to 11.5, it seems like breaking application TLS single sign-on feature. During TLS handshake initiated by client, the LTM returns TLS_RSA_WITH_3DES_EDE_CBC_SHA as chosen cipher. Before upgrade, the LTM returned TLS_RSA_WITH_RC4_128_SHA as chosen cipher. How to force LTM to return TLS_RSA_WITH_RC4_128_SHA as a cipher string in a SSL client profile at v11.5? Thanks, Hong