1 . 登錄F5控制台
2 .點擊 Local Traffic > Profiles > SSL > Client.
3 . 點擊需要配置的profile
4 . 在配置中選擇高級選項
5 . 勾選定制, 在cipher框中輸入相應配置
例如:
DEFAULT:ECDHE:ECDHE_ECDSA:DHE_DSS
DEFAULT:-RSA:!DES:!RC4:!SSLv2:!SSLv3:!TLSv1:TLSv1_2:COMPAT:AES128-GCM-SHA256
每個配置的意思可以查看下表:
| Parameter | Definition |
| !SSLv2 | Do not use SSLv2 protocol |
| !EXPORT | Do not use EXPORT grade (weak) ciphers |
| DHE+AES-GCM | Use DHE+AES-GCM ciphers |
| DHE+AES | Use DHE+AES ciphers |
| DHE+3DES | Use DHE+3DES ciphers |
| RSA+AES-GCM | Use RSA+AES-GCM ciphers |
| RSA+AES | Use RSA+AES ciphers |
| RSA+3DES | Use RSA+3DES ciphers |
| ECDHE+AES-GCM | Use ECDHE+AES-GCM ciphers |
| ECDHE+AES | Use ECDHE+AES ciphers |
| ECDHE+3DES | Use ECDHE+3DES ciphers |
| -MD5 | Do not use MD5 ciphers |
| -SSLv3 | Do not use SSLv3 protocol |
| -RC4 | Do not use RC4 ciphers |