What_Lies_Bene1
Oct 27, 2014Cirrostratus
Management Interface SSL Ciphers
Hey all,
So, I'm trying to restrict the SSL ciphers used with the management interface (including iControl). To test this, I've used the
[tmsh] modify sys httpd ssl-ciphersuite ...
command with a very weak cipher string. I've restarted httpd and also done a full reboot. In either case;
*When using a browser I'm negotiating a TLS cipher suite *When using iControl I'm negotiating an even stronger suite: TLS_RSA_WITH_AES_256_CBC_SHA
I've two reasons to do this;
1) I want to troubleshoot some iControl issues
2) I want to disable SSLv3 ciphers, if my changes are ignored, I'm worried
Any ideas anyone?
The ciphersuite I've configured is: -ALL:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA
TMOS v11.4.1 (VE), build 608.0.