How to view which ciphers my ssl profile supports?

Question

A recent vulnerability scan found that I am supporting for following weak ciphers:&nbsp;
ECDHE-RSA-DES-CBC3-SHA
DES-CBC3-SHA&nbsp;
I have just disabled them in my SSL Client 'clientssl' profile which is the parent profile for my other SSL profiles using string:&nbsp;
DEFAULT:!SSLv3:!RC4:!DHE:!DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA&nbsp;
What is the TMM command that I can run to see which ciphers are now support by the 'clientssl' profile or other child profiles? I've run the tmm --clientciphers DEFAULT command but I want to see what I am still support if that is possible before I re-run the scan.&nbsp;
Thanks in advance!&nbsp;

charlescs · Answer

Use the "tmm --clientciphers" command, and as its operand enclose the clientssl profile's cipher string in single-quotes:
tmm --clientciphers 'DEFAULT:!SSLv3:!RC4:!DHE:!DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA'

Forum Discussion

How to view which ciphers my ssl profile supports?

1 Reply

Recent Discussions

Rewrite uri translation not working

no available managed rule groups for Israel il-central-1

About shun list for L7 DDoS?

CONNECTION IS LOST DUE TO SELF IP IS DELIVERED

ASM instance creation

Related Content

Cipher Suites Supported (12.1.5.3)

LTM Diameter iRules and Profile Configurations with Support for Server Initiated Request

TMOS script for updating SSL profile cipher group and TLS versions

Disabling Weak Ciphers

SSL Profiles