SSL Client Profile Cipher Suites
I'm working on a project to re-order the client-side cipher suites in phases. Here is the SSL client profile's base configuration:
-ALL:!ADH:!LOW:!EXP:!SSLv2:!NULL:RC4:RSA:HIGH:MEDIUM
We can add any additional cipher suites we'd like in phase 1 without removing existing cipher suites. We are proposing the following:
!ADH:!LOW:!EXP:!NULL:!SSLv3:!DTLSv1:HIGH:MEDIUM:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES256-SHA:!DHE-RSA-DES-CBC3-SHA:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES128-SHA:RC4
This generally produces the tmm --clientciphers output we are looking for (for now).
Now for the problem. If you run that string above through tmm, it shows the cipher suites ordered by TLS1, TLS1.1 and TLS1.2, which is the exact opposite of what we'd like. We found in one of our test cases that the packet capture showed ECDHE-RSA-AES256-CBC-SHA was the chosen cipher suite, and it shows the TLS1.2 and TLS1.1 handshake failures even though the client supports both. They finally settled on TLS1.
So, scaling things back, let's just look at the cipher suite this one particular client would like and focus on just the TLS version.
We understand the behavior based on the following:
tmm --clientciphers 'ECDHE-RSA-AES256-CBC-SHA'
0: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
1: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
2: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
What we don't understand is how to order these TLS1.2, TLS1.1 and TLS1, like this (which I've just cut/pasted):
0: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
1: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
2: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
I've spent hours on F5's knowledge base, Google and trying things out in our lab, i.e. :@STRENGTH.
Who knows how to order these cipher suites TLS1.2, TLS1.1 and TLS1?
In case it matters, this platform is BIG-IP 3900 running 11.6 HF4.
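A small audit helper for the tmm --clientciphers output quoted above, added here as an example; it is not part of the original post and not F5 code. It assumes the nine-column line layout shown in the post (index, suite id, name, key bits, protocol version, implementation, cipher, MAC, key exchange), and it only parses and re-presents the list so you can see the suites grouped by protocol version and spot legacy entries (RC4, 3DES, short keys); it does not change how the BIG-IP actually orders or negotiates anything. The RC4-SHA line in the sample is constructed for illustration.

```python
import re
from typing import Dict, List

# Constructed sample in the `tmm --clientciphers` format: the three lines quoted
# in the post plus one RC4 line added here for illustration.
SAMPLE_OUTPUT = """\
0: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 Native AES SHA ECDHE_RSA
1: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 Native AES SHA ECDHE_RSA
2: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 Native AES SHA ECDHE_RSA
3: 5 RC4-SHA 128 TLS1 Native RC4 SHA RSA
"""

# One tmm output line: index, suite id, name, bits, version, impl, cipher, mac, kx
LINE_RE = re.compile(
    r"^\s*(?P<idx>\d+):\s+(?P<id>\d+)\s+(?P<name>\S+)\s+(?P<bits>\d+)\s+"
    r"(?P<version>\S+)\s+(?P<impl>\S+)\s+(?P<cipher>\S+)\s+(?P<mac>\S+)\s+(?P<kx>\S+)\s*$"
)

# Higher number = newer protocol; unknown labels sort last.
VERSION_RANK = {"SSL2": 1, "SSL3": 2, "TLS1": 3, "TLS1.1": 4, "TLS1.2": 5, "TLS1.3": 6}


def parse_clientciphers(text: str) -> List[Dict]:
    """Parse tmm --clientciphers style lines into dicts; skips blank/unparseable lines."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["idx"] = int(d["idx"])
        d["id"] = int(d["id"])
        d["bits"] = int(d["bits"])
        entries.append(d)
    return entries


def order_by_version_desc(entries: List[Dict]) -> List[Dict]:
    """Present newest protocol first; ties keep tmm's original relative order."""
    return sorted(entries, key=lambda e: (-VERSION_RANK.get(e["version"], 0), e["idx"]))


def flag_legacy(entries: List[Dict]) -> List[str]:
    """Names of suites a reviewer would question: RC4, 3DES, <128-bit keys, SSLv2/3 rows."""
    flagged = []
    for e in entries:
        weak = (
            e["cipher"] in ("RC4", "DES")
            or "DES" in e["name"]
            or e["bits"] < 128
            or e["version"] in ("SSL2", "SSL3")
        )
        if weak and e["name"] not in flagged:
            flagged.append(e["name"])
    return flagged


def format_entries(entries: List[Dict]) -> List[str]:
    """Render entries back in tmm's column layout, renumbered from 0."""
    return [
        f"{i}: {e['id']} {e['name']} {e['bits']} {e['version']} "
        f"{e['impl']} {e['cipher']} {e['mac']} {e['kx']}"
        for i, e in enumerate(entries)
    ]


if __name__ == "__main__":
    parsed = parse_clientciphers(SAMPLE_OUTPUT)
    for line in format_entries(order_by_version_desc(parsed)):
        print(line)
    print("review these suites:", flag_legacy(parsed))
```

Pipe real output in with `tmm --clientciphers '<your string>' | python3 thisfile.py` after swapping SAMPLE_OUTPUT for `sys.stdin.read()`; the grouped view makes it obvious which suites are still offered at each protocol version after each phase of the change.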