SSL Client profile - OPTIONS question??

Question

&nbsp; I have been experimenting with custom ClientSSL Profiles with minimal success. Can someone please tell me the syntax for forcing the LTM to allow connections only with this cipher suite: 
&nbsp;  
&nbsp; TLS_RSA_WITH_RC4_128_MD5 
&nbsp;  
&nbsp; I am assuming the correct syntax just needs to go in the options field or at least that's what I've been doing. I chose this one because this is what my browser connects at and it works but the custom app does not work. 
&nbsp;  
&nbsp; Any help is fully appreciated. 
&nbsp;  
&nbsp; Thank you,

hooleylist · Answer

Take a look at SOL8802 and SOL7815 for details on the SSL cipher suites available: 
&nbsp;  
&nbsp; SOL8802: Overview of SSL ciphers supported in BIG-IP version 9.x 
&nbsp; https://support.f5.com/kb/en-us/solutions/public/8000/800/sol8802.html (Click here) 
&nbsp;  
&nbsp; SOL7815: Configuring the cipher strength for SSL profiles 
&nbsp; https://support.f5.com/kb/en-us/solutions/public/7000/800/sol7815.html (Click here) 
&nbsp;  
&nbsp; You may also want to handle non-compliant requests more gracefully by checking the cipher strength in an iRule 
&nbsp; http://devcentral.f5.com/Wiki/default.aspx/iRules/RedirectOnWeakEncryption.html (Click here) 
&nbsp;  
&nbsp; Aaron

Forum Discussion

SSL Client profile - OPTIONS question??

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Rewrite uri translation not working

Related Content

Enforce RFC Compliance option in http profile

LTM Policy Options Clarification

Health monitor question

Server Profile SNI

F5 Connection Mirroring question