Forum Discussion

Nimbostratus

Mar 12, 2018

Using SSL Labs new update Feb 2018

Need to get a A This is reporting giving me a B 1. Grading change: Grading changes for ROBOT vulnerability, Forward secrecy and AEAD ciphers Since SSL Labs has updated in Feb 2018 SSL Lab...

Ret. Employee

Mar 12, 2018

Additionally to Stanislas notes

https://support.f5.com/csp/article/K21905460

AEAD ciphers are ciphers that has next DHE/EDHE + AES in GCM mode

SSLlabs does not require to have AEAD ciphers only but at least one of them need to be in the list

Forward secrecy requires DHE/ECDHE ciphers. RSA key exchange need to be disabled. Be aware that RSA_ECDHE are not considered as RSA key exchange.

https://blog.qualys.com/ssllabs/2018/02/02/forward-secrecy-authenticated-encryption-and-robot-grading-update

Forum Discussion

Using SSL Labs new update Feb 2018

Recent Discussions

BWC iRule

GTM Packet Capture command

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Related Content

F5 Labs Publishes October Update to Sensor Intel Series

Auditing Security Policy Updates

Re: Zero Trust - Making use of a powerfull Identity Aware Proxy (Hands on lab)

Achieving an SSL Labs A+ score with F5 products

Using F5 Application Security and DOS Solutions with AWS Global Accelerator - Part 2 Building a Lab