Cipher configuration

Question

Hello, I am trying to configure SSL client Profile version 12.1.2 including the next ciphers:&nbsp;
ECDHE_RSA_WITH_AES_128_CBC_SHA256&nbsp;
ECDHE_RSA_WITH_AES_256_CBC_SHA384&nbsp;
However I can find only: &nbsp;
ECDHE-RSA-AES128-CBC-SHA      
&nbsp;
ECDHE-RSA-AES256-CBC-SHA &nbsp;
neither SHA26 nor SHA384 in MAC. Any idea what I am doing wrong? I want to be sure cipher configuration is OK before configuring SSL offloading in LTM, because it is the current configuration for cipher suites.&nbsp;
Thank you,&nbsp;

kevin_k_51432 · Answer

Greetings,
It looks to me like the CBC is implied. After looking the cipher up online and doing a quick connection test, CBC was listed in the cipher suite. From my test session capture:
            Session ID Length: 32
            Session ID: 32e83402862ca8e61ab05c0bee75506daf4782b2fa83fe56...
            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
            Compression Method: null (0)

Using:
tmm --clientciphers DEFAULT | grep -i ecdh | grep -i sha384
34: 49192  ECDHE-RSA-AES256-SHA384          256  TLS1.2  Native  AES       SHA384  ECDHE_RSA

You could test on your end just to be sure 😃
Kevin

Forum Discussion

Cipher configuration

1 Reply

Recent Discussions

Unwinding the Benefits of Investing in White Label Crypto Wallet

SMTP profile not visible & showing

About AWAF "Redirect URLs" in "Responses and Blocks"

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Disabling Weak Ciphers

Cipher suite mismatch advertisement/warning

Certificate Expiry Email alert configuration

Enforce Server Cipher proposal in preferred order

CBC ciphers in relation to RFC7366 Encrypt-then-MAC