Can someone provide a good LTM client cipher set that would pass PCI ASV as well as support as many browsers as possible? I know no one can support IE 6-10 due to it not having TLS 1.2 and still be PCI compliant... Thanks!

Hello Nate, These string configs may not be ideal, but are good enough to pass PCI audits. I've implemented them for many clients who undergo PCI audits annually. PCI DSS 3.1 (Will be enforced in June 2016): ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3:!TLSv1 PCI DSS 3.0 (Enforced today): ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3 I believe if your F5 version is v11.5.1 or later, the DEFAULT cipher string will also pass PCI DSS 3.0. For v3.1 compliance, you will have to additionally disable TLS 1.0 Regards

My problem is that this fails PCI via my VM scanner. I can eliminate TLS 1.1 but still leaves this: Negotiated with the following insecure cipher suites: TLS 1.2 ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

I can get this setup to pass the scanner, gets an A- on SSL Labs, but cuts out support for many safari versions... ECDHE-ECDSA-AES256-GCM-SHA384:!AES256-SHA256:!AES128-SHA256:!AES256-SHA:!AES128-SHA:ECDHE:AES:AES-GCM:3DES:!MD5:!EXPORT:!DES:!EDH:!SSLv3:!RC4:!ADH:!TLSv1:!TLSv1_1:!3DES:!ECDHE+AES:RSA+AES This doesn't pass the PCI scan but supports Safari... !LOW:!SSLv3:!MD5:!RC4-SHA:!EXPORT:DHE+AES:DHE+3DES:RSA+AES:RSA+3DES:ECDHE+AES:ECDHE-RSA-DES-CBC3-SHA

PCI Cipher Set | DevCentral

21 Replies

Hannes_Rapp
Nimbostratus
Dec 02, 2015
Hello Nate,

These string configs may not be ideal, but are good enough to pass PCI audits. I've implemented them for many clients who undergo PCI audits annually.

PCI DSS 3.1 (Will be enforced in June 2016):
ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3:!TLSv1
PCI DSS 3.0 (Enforced today):
ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3

I believe if your F5 version is v11.5.1 or later, the DEFAULT cipher string will also pass PCI DSS 3.0. For v3.1 compliance, you will have to additionally disable TLS 1.0

Regards
- natesmith317_18
  Nimbostratus
  Dec 02, 2015
  My problem is that this fails PCI via my VM scanner. I can eliminate TLS 1.1 but still leaves this: Negotiated with the following insecure cipher suites: TLS 1.2 ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- natesmith317_18
  Nimbostratus
  Dec 02, 2015
  I can get this setup to pass the scanner, gets an A- on SSL Labs, but cuts out support for many safari versions... ECDHE-ECDSA-AES256-GCM-SHA384:!AES256-SHA256:!AES128-SHA256:!AES256-SHA:!AES128-SHA:ECDHE:AES:AES-GCM:3DES:!MD5:!EXPORT:!DES:!EDH:!SSLv3:!RC4:!ADH:!TLSv1:!TLSv1_1:!3DES:!ECDHE+AES:RSA+AES This doesn't pass the PCI scan but supports Safari... !LOW:!SSLv3:!MD5:!RC4-SHA:!EXPORT:DHE+AES:DHE+3DES:RSA+AES:RSA+3DES:ECDHE+AES:ECDHE-RSA-DES-CBC3-SHA
- Hannes_Rapp
  Nimbostratus
  Dec 02, 2015
  Can you retry with !CBC option? I've updated my original answer with the new string.
Hannes_Rapp_162
Nacreous
Dec 02, 2015
Hello Nate,

These string configs may not be ideal, but are good enough to pass PCI audits. I've implemented them for many clients who undergo PCI audits annually.

PCI DSS 3.1 (Will be enforced in June 2016):
ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3:!TLSv1
PCI DSS 3.0 (Enforced today):
ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3

I believe if your F5 version is v11.5.1 or later, the DEFAULT cipher string will also pass PCI DSS 3.0. For v3.1 compliance, you will have to additionally disable TLS 1.0

Regards
- natesmith317_18
  Nimbostratus
  Dec 02, 2015
  My problem is that this fails PCI via my VM scanner. I can eliminate TLS 1.1 but still leaves this: Negotiated with the following insecure cipher suites: TLS 1.2 ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
- natesmith317_18
  Nimbostratus
  Dec 02, 2015
  I can get this setup to pass the scanner, gets an A- on SSL Labs, but cuts out support for many safari versions... ECDHE-ECDSA-AES256-GCM-SHA384:!AES256-SHA256:!AES128-SHA256:!AES256-SHA:!AES128-SHA:ECDHE:AES:AES-GCM:3DES:!MD5:!EXPORT:!DES:!EDH:!SSLv3:!RC4:!ADH:!TLSv1:!TLSv1_1:!3DES:!ECDHE+AES:RSA+AES This doesn't pass the PCI scan but supports Safari... !LOW:!SSLv3:!MD5:!RC4-SHA:!EXPORT:DHE+AES:DHE+3DES:RSA+AES:RSA+3DES:ECDHE+AES:ECDHE-RSA-DES-CBC3-SHA
- Hannes_Rapp_162
  Nacreous
  Dec 02, 2015
  Can you retry with !CBC option? I've updated my original answer with the new string.
alex100
Cirrostratus
Dec 02, 2015
ALL AES ciphers are utilizing Cipher Block Chaining (CBC) even that "CBC" is not present in the actual name of the cipher suite. So to really exclude CBC you want to add !AES to your string. In my understanding the only PCI 3.1 compliant cipher are AES-GCM and TLS 1.3 However, it's not 100% clear if those are PCI 3.1 of 4.0 compliance requirements.

Hannes_Rapp_162

Nacreous

Dec 03, 2015

Good morning,

I've read that CBC in combination with TLS1.2 is OK to use in case of PCI DSS 3.1 which will be enforced June 2016. Furthermore, our apps that process Visa and Mastercard payments were PCI-passed just this year with the same string I gave you initially. Without any changes, this will also pass the PCI DSS audit in June 2016. Can you specify which PCI version your scanner is using as the basis? I think youre too much ahead of the time, and those rules are probably not yet enforced at this point. Please clarify if you believe I'm not correct on that.

Nevertheless, to meet the requirements of your scanner, I've come to this string. Give it a try 🙂

 tmm --clientciphers 'ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3:!TLSv1:!SHA1'
       ID  SUITE                            BITS PROT    METHOD  CIPHER  MAC     KEYX
 0: 49200  ECDHE-RSA-AES256-GCM-SHA384      256  TLS1.2  Native  AES-GCM  SHA384  ECDHE_RSA
 1: 49196  ECDHE-ECDSA-AES256-GCM-SHA384    256  TLS1.2  Native  AES-GCM  SHA384  ECDHE_ECDSA
 2: 49192  ECDHE-RSA-AES256-SHA384          256  TLS1.2  Native  AES     SHA384  ECDHE_RSA
 3: 49188  ECDHE-ECDSA-AES256-SHA384        256  TLS1.2  Native  AES     SHA384  ECDHE_ECDSA
 4:   163  DHE-DSS-AES256-GCM-SHA384        256  TLS1.2  Native  AES-GCM  SHA384  DHE/DSS
 5:   106  DHE-DSS-AES256-SHA256            256  TLS1.2  Native  AES     SHA256  DHE/DSS
 6: 49202  ECDH-RSA-AES256-GCM-SHA384       256  TLS1.2  Native  AES-GCM  SHA384  ECDH_RSA
 7: 49198  ECDH-ECDSA-AES256-GCM-SHA384     256  TLS1.2  Native  AES-GCM  SHA384  ECDH_ECDSA
 8: 49194  ECDH-RSA-AES256-SHA384           256  TLS1.2  Native  AES     SHA384  ECDH_RSA
 9: 49190  ECDH-ECDSA-AES256-SHA384         256  TLS1.2  Native  AES     SHA384  ECDH_ECDSA
10:   157  AES256-GCM-SHA384                256  TLS1.2  Native  AES-GCM  SHA384  RSA
11:    61  AES256-SHA256                    256  TLS1.2  Native  AES     SHA256  RSA
12: 49199  ECDHE-RSA-AES128-GCM-SHA256      128  TLS1.2  Native  AES-GCM  SHA256  ECDHE_RSA
13: 49195  ECDHE-ECDSA-AES128-GCM-SHA256    128  TLS1.2  Native  AES-GCM  SHA256  ECDHE_ECDSA
14: 49191  ECDHE-RSA-AES128-SHA256          128  TLS1.2  Native  AES     SHA256  ECDHE_RSA
15: 49187  ECDHE-ECDSA-AES128-SHA256        128  TLS1.2  Native  AES     SHA256  ECDHE_ECDSA
16:   162  DHE-DSS-AES128-GCM-SHA256        128  TLS1.2  Native  AES-GCM  SHA256  DHE/DSS
17:    64  DHE-DSS-AES128-SHA256            128  TLS1.2  Native  AES     SHA256  DHE/DSS
18: 49201  ECDH-RSA-AES128-GCM-SHA256       128  TLS1.2  Native  AES-GCM  SHA256  ECDH_RSA
19: 49197  ECDH-ECDSA-AES128-GCM-SHA256     128  TLS1.2  Native  AES-GCM  SHA256  ECDH_ECDSA
20: 49193  ECDH-RSA-AES128-SHA256           128  TLS1.2  Native  AES     SHA256  ECDH_RSA
21: 49189  ECDH-ECDSA-AES128-SHA256         128  TLS1.2  Native  AES     SHA256  ECDH_ECDSA
22:   156  AES128-GCM-SHA256                128  TLS1.2  Native  AES-GCM  SHA256  RSA
23:    60  AES128-SHA256                    128  TLS1.2  Native  AES     SHA256  RSA

natesmith317_18
Nimbostratus
Dec 03, 2015
I will try this today! Thank you!!
natesmith317_18
Nimbostratus
Dec 03, 2015
It appears my hosted scanner (Rapid 7) is incorrectly listing these as insecure: TLS 1.2 ciphers: TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 I am going to put in an exception and we should be good! Thanks for your help!
alex100_194614
Nimbostratus
Dec 03, 2015
We use Rapid 7 as well and what we found out is they are bumping up the there own requirements to get clients aware for future change in compliance. They kind of had us freak out over the recent scans. But it has nothing to do with current PCI cipher suite requirements.

Hannes_Rapp

Nimbostratus

Dec 03, 2015

Good morning,

Nevertheless, to meet the requirements of your scanner, I've come to this string. Give it a try 🙂

 tmm --clientciphers 'ALL:!EXPORT:!RC4:!DES:!ADH:!EDH:!SSLv3:!TLSv1:!SHA1'
       ID  SUITE                            BITS PROT    METHOD  CIPHER  MAC     KEYX
 0: 49200  ECDHE-RSA-AES256-GCM-SHA384      256  TLS1.2  Native  AES-GCM  SHA384  ECDHE_RSA
 1: 49196  ECDHE-ECDSA-AES256-GCM-SHA384    256  TLS1.2  Native  AES-GCM  SHA384  ECDHE_ECDSA
 2: 49192  ECDHE-RSA-AES256-SHA384          256  TLS1.2  Native  AES     SHA384  ECDHE_RSA
 3: 49188  ECDHE-ECDSA-AES256-SHA384        256  TLS1.2  Native  AES     SHA384  ECDHE_ECDSA
 4:   163  DHE-DSS-AES256-GCM-SHA384        256  TLS1.2  Native  AES-GCM  SHA384  DHE/DSS
 5:   106  DHE-DSS-AES256-SHA256            256  TLS1.2  Native  AES     SHA256  DHE/DSS
 6: 49202  ECDH-RSA-AES256-GCM-SHA384       256  TLS1.2  Native  AES-GCM  SHA384  ECDH_RSA
 7: 49198  ECDH-ECDSA-AES256-GCM-SHA384     256  TLS1.2  Native  AES-GCM  SHA384  ECDH_ECDSA
 8: 49194  ECDH-RSA-AES256-SHA384           256  TLS1.2  Native  AES     SHA384  ECDH_RSA
 9: 49190  ECDH-ECDSA-AES256-SHA384         256  TLS1.2  Native  AES     SHA384  ECDH_ECDSA
10:   157  AES256-GCM-SHA384                256  TLS1.2  Native  AES-GCM  SHA384  RSA
11:    61  AES256-SHA256                    256  TLS1.2  Native  AES     SHA256  RSA
12: 49199  ECDHE-RSA-AES128-GCM-SHA256      128  TLS1.2  Native  AES-GCM  SHA256  ECDHE_RSA
13: 49195  ECDHE-ECDSA-AES128-GCM-SHA256    128  TLS1.2  Native  AES-GCM  SHA256  ECDHE_ECDSA
14: 49191  ECDHE-RSA-AES128-SHA256          128  TLS1.2  Native  AES     SHA256  ECDHE_RSA
15: 49187  ECDHE-ECDSA-AES128-SHA256        128  TLS1.2  Native  AES     SHA256  ECDHE_ECDSA
16:   162  DHE-DSS-AES128-GCM-SHA256        128  TLS1.2  Native  AES-GCM  SHA256  DHE/DSS
17:    64  DHE-DSS-AES128-SHA256            128  TLS1.2  Native  AES     SHA256  DHE/DSS
18: 49201  ECDH-RSA-AES128-GCM-SHA256       128  TLS1.2  Native  AES-GCM  SHA256  ECDH_RSA
19: 49197  ECDH-ECDSA-AES128-GCM-SHA256     128  TLS1.2  Native  AES-GCM  SHA256  ECDH_ECDSA
20: 49193  ECDH-RSA-AES128-SHA256           128  TLS1.2  Native  AES     SHA256  ECDH_RSA
21: 49189  ECDH-ECDSA-AES128-SHA256         128  TLS1.2  Native  AES     SHA256  ECDH_ECDSA
22:   156  AES128-GCM-SHA256                128  TLS1.2  Native  AES-GCM  SHA256  RSA
23:    60  AES128-SHA256                    128  TLS1.2  Native  AES     SHA256  RSA

natesmith317_18
Nimbostratus
Dec 03, 2015
I will try this today! Thank you!!
natesmith317_18
Nimbostratus
Dec 03, 2015
It appears my hosted scanner (Rapid 7) is incorrectly listing these as insecure: TLS 1.2 ciphers: TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 I am going to put in an exception and we should be good! Thanks for your help!
alex100_194614
Nimbostratus
Dec 03, 2015
We use Rapid 7 as well and what we found out is they are bumping up the there own requirements to get clients aware for future change in compliance. They kind of had us freak out over the recent scans. But it has nothing to do with current PCI cipher suite requirements.

Forum Discussion

PCI Cipher Set

21 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Decoding PCI-DSS v4.0: F5's Ridiculously Easy Guide to Technical Compliance

Cipher Suites Supported (12.1.5.3)

LTM Cipher rule

Cipher Suite Practices and Pitfalls

Disabling Weak Ciphers