Forum Discussion

bcrogerz's avatar
bcrogerz
Icon for Cirrus rankCirrus
Jan 12, 2015
Solved

Logic behind F5's Cipher Suite selection from the default Cipher suite

!SSLv3:!SSLv2:AES:ALL:!DH:!ADH:!EDH:!MD5:!EXPORT:!DES:@SPEED (Cipher suite used) The intention is to enable the clients to be able to select AES as their cipher suite. 1.) Now does this AES being configured ahead of ALL work ? 2.) will the clients now start using AED frequently as compared to the other available Cipher Suites ( given that at the of the statement we have keyed in :@SPEED ) 3.) Are there other parameters like @SPEED supported by F5 for clients to choose the selection logic ?

 

  • We actually use "!EXPORT:!DH:!MD5:!SSLv3:!DTLSv1:ECDHE+AES-GCM:ECDHE+AES:ECDHE+3DES:ECDHE+RSA:RSA+AES-GCM:RSA+AES:RSA+3DES"

6 Replies