1 . 登录F5控制台
2 .点击 Local Traffic > Profiles > SSL > Client.
3 . 点击需要配置的profile
4 . 在配置中选择高级选项
5 . 勾选定制, 在cipher框中输入相应配置
例如:
DEFAULT:ECDHE:ECDHE_ECDSA:DHE_DSS
DEFAULT:-RSA:!DES:!RC4:!SSLv2:!SSLv3:!TLSv1:TLSv1_2:COMPAT:AES128-GCM-SHA256
每个配置的意思可以查看下表:
| Parameter | Definition |
| !SSLv2 | Do not use SSLv2 protocol |
| !EXPORT | Do not use EXPORT grade (weak) ciphers |
| DHE+AES-GCM | Use DHE+AES-GCM ciphers |
| DHE+AES | Use DHE+AES ciphers |
| DHE+3DES | Use DHE+3DES ciphers |
| RSA+AES-GCM | Use RSA+AES-GCM ciphers |
| RSA+AES | Use RSA+AES ciphers |
| RSA+3DES | Use RSA+3DES ciphers |
| ECDHE+AES-GCM | Use ECDHE+AES-GCM ciphers |
| ECDHE+AES | Use ECDHE+AES ciphers |
| ECDHE+3DES | Use ECDHE+3DES ciphers |
| -MD5 | Do not use MD5 ciphers |
| -SSLv3 | Do not use SSLv3 protocol |
| -RC4 | Do not use RC4 ciphers |