stephen_piskor_
Sep 07, 2017Nimbostratus
Disable Specific SSL Ciphers on F5 Big IP
Hi,
F5 novice here. Due to the results of a recent pentest I need to disable 3DES and RC4 ciphers on our F5 Big IP running 12.1.
I have been able to edit the existing ciphers and successfully disable one Cipher but when ever I add more than one cipher the additions get ignored. I believe this is a an issue with the syntax and the way I am adding them.
I am did this first which worked for one cipher. DEFAULT:!DES-CBC3-SHA
But when I add additional ciphers they get ignored.
DEFAULT:!DES-CBC3-SHA!ECDHE-ECDSA-DES-CBC3-SHA
I have a list of 9 ciphers I need to disable, Can anyone point me in the right direction as to how to add multiple SSL ciphers.
Thanks !