Cipher string mismatch ??
Hi, I configured SSL cipher string, to support 6 different ciphers: config tmm --clientciphers TLSv1_2+ECDH-RSA-AES256-GCM-SHA384:TLSv1_2+ECDH-RSA-AES256-SHA384:TLSv1_2+ECDH-RSA-AES256-SHA:TLSv1_2+DHE-RSA-AES256-SHA256:TLSv1_2+DHE-RSA-AES256-SHA:TLSv1_2+DHE-RSA-AES256-GCM-SHA384 ID SUITE BITS PROT METHOD CIPHER MAC KEYX 0: 49202 ECDH-RSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 ECDH_RSA 1: 49194 ECDH-RSA-AES256-SHA384 256 TLS1.2 Native AES SHA384 ECDH_RSA 2: 49167 ECDH-RSA-AES256-SHA 256 TLS1.2 Native AES SHA ECDH_RSA 3: 107 DHE-RSA-AES256-SHA256 256 TLS1.2 Native AES SHA256 EDH/RSA 4: 57 DHE-RSA-AES256-SHA 256 TLS1.2 Native AES SHA EDH/RSA 5: 159 DHE-RSA-AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 EDH/RSA I used that string in ClientSSL profile, but when I tested my page with SSLlabs, only ciphers 3,4,5 are supported. Any idea where is the problem?? Best regards, Spella
Question on configuring SNI clientSSL Profile
Hi Experts , I have a question on configuring the SNI SSL profile .Suppose say I have 3 different certificate and 3 SSL profile to be attached to the VIP to configure SNI . https://www.securesite1.com ClientSSL1 > Default SSL Profile for SNI https://www.securesite2.com ClientSSL2 https://www.securesite3.com ClientSSL3 To enable SNI, we configure the Server Name and Default SSL Profile for SNI will be checked on an SSL profile of ClientSSL1, and then assign the profile to a virtual server. How about on other 2 SSL profiles ClientSSL2 & ClientSSL3 ? For other SSL profiles do I need to type the name for the HTTPS site in the Server Name box ? or it can be left blank ?
