ltm cipher rule
ltm cipher rule(1) BIG-IP TMSH Manual ltm cipher rule(1)
NAME
rule - Configures a cipher rule.
MODULE
ltm cipher
SYNTAX
Configure the rule component within the cipher module using the syntax shown in the following sections.
CREATE/MODIFY
create rule [name]
modify rule [name]
options:
cipher [string]
description [string]
dh-groups [string]
signature-algorithms [string]
edit rule [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
DISPLAY
list rule
list rule [ [ [name] | [glob] | [regex] ] ... ]
show rule [ [ [name] | [glob] | [regex] ] ... ]
DELETE
delete rule [all | [name]]
options:
recursive
DESCRIPTION
You can use the rule component to create, modify, or delete a custom cipher rule, or display a custom cipher
rule.
Cipher rules are gathered into cipher groups and attached to client-ssl or server-ssl profiles.
EXAMPLES
create rule my_rule cipher "default"
Creates a rule named my_rule with a cipher string "default".
OPTIONS
cipher rule
Specifies the OpenSSL compatible cipher string.
description
User defined description.
dh-groups groups
Specifies the allowed named groups, separated by ":". For example: "P256:X25519"
The available named groups are: P256, P384, X25519 A special keyword, DEFAULT, represents the recommended
set of named groups.
signature-algorithms signature algorithms
Specifies the allowed signatures algorithms, separated by ":". For example:
"RSA_PKCS1_SHA256:ECDSA_P256_SHA256"
The available signature algorithms are: DSA-SHA1, DSA-SHA256, DSA-SHA384, DSA-SHA512, ECDSA-SHA1,
ECDSA-SHA256, ECDSA-SHA384, ECDSA-SHA512, RSA-PKCS1-SHA1, RSA-PKCS1-SHA256, RSA-PKCS1-SHA384,
RSA-PKCS1-SHA512, RSA-PSS-SHA256, RSA-PSS-SHA384, RSA-PSS-SHA512
A special keyword, DEFAULT, represents the recommended set of signature algorithms.
SEE ALSO
create, delete, edit, glob, list, ltm virtual, modify, mv, regex, reset-stats, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or by any means, electronic or
mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2016. All rights reserved.
BIG-IP 2019-04-10 ltm cipher rule(1)