Forum Discussion

Nimbostratus

Jul 26, 2017

Enforce TLS1.0 & TLS1.1 to TLS1.2

Hi Team, We have a scenario on our set up where we are accepting only TLS 1.2 connections to the applications and denies all other TLS.This we are doing via irule. However Is there a way we...

Nimbostratus

Jul 27, 2017

Hello,

I dont think that you need iRule to achieve that. You can simply change the ciphers in your clientssl profile.

Example: Use "TLSv1_2" for your clientssl cipher and you will force F5 to negotiate with the clients only with TLSv1.2. In that way you don`t need to redirect anything :)

If I understood you correctly this will work for you.

Regards

Forum Discussion

Enforce TLS1.0 & TLS1.1 to TLS1.2

Recent Discussions

BWC iRule

Citrix XenServer Big-IP Upgrade help

iRule condition - request contains more than 10000 parameters

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

BoT Defense Profile, Signature Enforcement

Enforce RFC Compliance option in http profile

Enforce Server Cipher proposal in preferred order

export "ready to be enforced" signature list

Enforcing a Single Connection Max to Pool Members