How to get client SSL profile to inerhit parent cipher suite in SNI config?
Hello,
A security audit has found some issues with cipher suites in use in the default SSL client profiles(v12.1.2). Since this Virtual Server uses SNI, I am unable to modify the client profiles directly, otherwise I get an error that the security doesn't match for the virtual server(since there are 3 other client profiles assigned to virtual server). I created a new client SSL profile with a more secure cipher suite, and tried using that as the parent, however the client basically ignores the parent profile setting since the child profile contains "DEFAULT" in ciphers. Is there a way to have the client profile inherit the parent's cipher suite? I tried removing "DEFAULT" and leaving it blank, but that also throws the security error. Otherwise I will have to remove the 3 production profiles from the Virtual Server, causing a production outage. Seems rather silly.
Thanks.