Cipher List

Question

I am trying to get a cipher string that changes lines 1 and 2 from ECDHE-RSA to DHE-RSA like shown below. I used the cipher rules and group to arrive at the suite below but cannot get to where I can change lines 1 and 2 to what I need. Any help?&nbsp;
DHE-RSA-AES128-SHA and DHE-RSA-AES256-SHA&nbsp;
ECDHE-RSA-AES256-CBC-SHA/TLS1.1
ECDHE-RSA-AES128-CBC-SHA/TLS1.1&nbsp;

ECDHE-ECDSA-AES256-SHA/TLS1.1&nbsp;

ECDHE-ECDSA-AES128-SHA/TLS1.1&nbsp;

ECDHE-RSA-AES256-GCM-SHA384/TLS1.2&nbsp;
ECDHE-RSA-AES256-SHA384/TLS1.2ECDHE-ECDSA-AES256-GCM-SHA384/TLS1.2ECDHE-ECDSA-AES256-SHA384/TLS1.2ECDHE-ECDSA-AES128-SHA256/TLS1.2ECDHE-ECDSA-AES128-GCM-SHA256/TLS1.2ECDHE-RSA-AES128-SHA256/TLS1.2ECDHE-RSA-AES128-GCM-SHA256/TLS1.2

acedawg1 · Answer

Can you include the text or a screenshot of the cipher rule that generated this list?&nbsp;

sip_354925 · Answer

The two rules that I used&nbsp;
DEFAULT:+SHA:-TLSv1_2:-TLSv1:-DTLSv1 and DEFAULT:+SHA256:+SHA384:-TLSv1_1:-TLSv1:-SHA&nbsp;

acedawg1 · Answer

Any reason you can't create a custom cipher rule and manually enter the cipher strings in the order you need:
ECDHE-RSA-AES128-CBC-SHA:ECDHE-RSA-AES256-CBC-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA...

harshapotharaju · Answer

Remove DEFAULT and add all your ciphers manually with : between them.&nbsp;

sip_354925 · Answer

Thank you. I did not realize that ciphers can be added in that manner.&nbsp;

Forum Discussion

Cipher List

5 Replies

Recent Discussions

Transaction looks successful but file not downloading

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Related Content

Cipher Suites Supported (12.1.5.3)

Disabling Weak Ciphers

Cipher Suite Practices and Pitfalls

LTM Cipher rule

F5 402 Exam reading list and notes