We are running BIG-IP LTM 12.1.1. We have already disabled the weak cipher from the Client SSL Profile but still getting Weak Cipher Qualys SSL-Labs rating.
Currently we are having following values in the Client SSL Profile : "DEFAULT:!DES-CBC3-SHA:!ECDHE-RSA-DES-CBC3-SHA:!DHE-RSA-DES-CBC3-SHA:!DHE-RSA-AES256-GCM-SHA384:!DHE-RSA-AES128-GCM-SHA256:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES256-SHA:!DHE-RSA-AES128-SHA256"
But when adding the value ":!DHE-RSA-DES-CBC3-SHA" which appears in the PT report it give us an error.
Please advise how we can disable it from our Client SSl Profile.
Not sure if this answers your question, but if you seek to score as high as possible on ssl-labs, you should use these ciphers:
It will get you an "A" score.