Forum Discussion

André_Amaro_215's avatar
André_Amaro_215
Icon for Nimbostratus rankNimbostratus
Aug 19, 2015

How to disable TLSv1.0 in BigIP 10.2.3

Dear, good night.

 

I'm having trouble making my Ciphers do not use the TLSv1.0 in version 10.2.3 BigIP. I'm looking on the internet, including documentation here at F5 site and in other posts in this community, but have not had success.

 

They could help me?

 

Thank you!

 

4 Replies

  • Hi,

     

    In SSL ptofile with options list. You can select 'No TLSv1'.

     

  • Hi,

     

    in the SSL Client Profile, within "Ciphers", you can check "DEFAULT:!TLSv1:!TLSv1_1"

     

    • André_Amaro_215's avatar
      André_Amaro_215
      Icon for Nimbostratus rankNimbostratus
      Hi fgf, I had already tested this type of cipher, but in this version the BigIP does not accept the cipher "TLSv1_1".
  • Hi,

     

    there was a lack of compreesão on my part. In some previous answers I said "!TLSv1" did not serve to disable the 1.1 version I wanted because it was not recognized. This is wrong, when I performed these test, the number was not accepted because it was not accepted along with other ciphers that I had entered.