magnus78_287184
Mar 07, 2017Cirrus
SSL Labs A rating - 2017 Jan update
SSL Labs will change their rating. It will give penalties if still using 3DES with TLS 1.1 and newer protocol. How could I configure Bigip to support this ? But still support 3DES with TLS 1.0.
https://blog.qualys.com/ssllabs/2017/01/18/ssl-labs-grading-changes-january-2017
I´m using this chiper settings on the profile: !SSLv2:!EXPORT:!DHE+AES-GCM:!DHE+AES:!DHE+3DES:ECDHE+AES-GCM:ECDHE+AES:RSA+AES-GCM:RSA+AES:ECDHE+3DES:RSA+3DES:-MD5:-SSLv3:-RC4:@STRENGTH