Archive for June, 2016

SSL invalid certs and chrome

0

If you run into situations where you have a LOT of self signed certs on the sites you’re visiting.

The new way to bypass this screen is to type badidea

SSLgate and F5 Bigip profiles

0

Over the last year, hopefully you haven’t been under a rock and have been aware of all the issues with SSL attacks. I’m sure this post will be outdated, and it isn’t the end-all and be all of fixing this, but it may help someone.

In the SSL profile section on the big ip, use the following:

DEFAULT:TLSv1:TLSv1_2:!LOW:!SSLv3:!SSLv2:!RC4

This allows the default as set on your F5, allow TLS v1, TLS v1.2 and disallows SSLV3, SSLV2 and RC4. There are of course other vulns out there!

Go to Top