SSL cipher order

Question

Hello guys,
I am looking for some info on how to change the order of SSL ciphers that the LTM can negotiate. More specifically, I'd like to have strong ciphers first, and have one weaker cipher in the end, hoping this cipher will be negotiated only when the client doesn't not support any of the stronger ciphers. I see that there is the option to order the ciphers by Speed, but I suppose this is the opposite of what I am looking for.
If I omit the @SPEED string, what is the cipher order? Can I perhaps order the cipher by specifying them consecutively one by one in the cipher string value field?&nbsp;
I searched through DevCentral and the AskF5 page, but could not find more info on this.&nbsp;

ccb · Answer

Hi,&nbsp;
https://devcentral.f5.com/articles/ssl-profiles-part-4-cipher-suites.U5rIoPmSy1k&nbsp;
It will give you an example of strength before speed using the openssl syntax. Hope that helps.&nbsp;

Forum Discussion

SSL cipher order

1 Reply

Recent Discussions

Help with URL Masking

Import PKCS 12 SSL to Device Certificate via API/Script or CLI on BIG-IP

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

Related Content

Enforce Server Cipher proposal in preferred order

iRule Event Order Flowchart

Cipher Suites Supported (12.1.5.3)

SSL Profiles Part 4: Cipher Suites

Cipher Suite Practices and Pitfalls