Forum Discussion

Vincent_Malguy_'s avatar
Vincent_Malguy_
Icon for Nimbostratus rankNimbostratus
Jun 19, 2008

ssl profile security option

Hi, I wanted to know if someone know which option should be allow in a ssl profile to meet this requiment extracted from a apache config :

 

 

SSLProtocol -ALL +SSLv3 +TLSv1

 

SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM

 

 

I have already ENABLE those :

 

No SSLv2

 

Single DH use

 

 

but i am not sure about the other Cipher to exclude.

 

 

Regards, Vincent Malguy.

 

 

4 Replies

  • I believe that you can just put that cipher string into the Ciphers box in the GUI and it will interpret it the same as Apache.

     

     

    Denny
  • Deb_Allen_18's avatar
    Deb_Allen_18
    Historic F5 Account
    This thread (Click here) asked the same question, seems to include a workable & pen-tested solution.

     

     

    hth

     

    /deb