Forum Discussion
Hannes_Rapp_162
Nacreous
The default cipher suite in 11.5.3 is already sufficient to comply with current PCI DSS 3.0 requirements. Leaving the paranoid security-guru suggestions aside, there's nothing wrong with using the DEFAULT of 11.5.3 today.
Config related:
Your only sensible option for applying a new global configuration is to create a new clientside SSL profile (i.e. clientssl_custom) which you will then re-use as the
Parent Profile
when creating you custom clientssl profiles.Chase_Abbott
Mar 31, 2017Employee
And: https://devcentral.f5.com/s/articles/security-sidebar-improving-your-ssl-labs-test-grade
 
But related for newer versions.