It is possible, I might be getting confused. But for clarification, the cert and key pair is signed with SHA2. What I am getting at is this, below are 2 snippets taken from SSL Labs reports. The first from our F5 indicating that the 1024 bit DH key is weak. 2nd is from the report of a linux box with the same ciphers using strong keys.

F5 VIP:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) **DH 1024 bits** (p: 128, g: 1, Ys: 128) FS **WEAK** 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) **DH 1024 bits** (p: 128, g: 1, Ys: 128) FS **WEAK** 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) **DH 1024 bits** (p: 128, g: 1, Ys: 128) FS **WEAK** 256

Linux box:

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) **DH 4096 bits** (p: 512, g: 1, Ys: 512) FS 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) **DH 4096 bits** (p: 512, g: 1, Ys: 512) FS 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) **DH 4096 bits** (p: 512, g: 1, Ys: 512) FS 256

So how do I get the F5 to not use 1024?