Bug ID 476386: DHE-RSA-AES256-SHA256 and DHE-RSA-AES128-SHA256 should only be supported for tls1.2

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8

Fixed In:
12.0.0, 11.6.1, 11.5.1 HF5

Opened: Aug 21, 2014
Severity: 3-Major


DHE-RSA-AES256-SHA256 and DHE-RSA-AES128-SHA256 are visible for other protocols, but are only supported for TLS1.2.


Selecting these might have unexpected results.


These should only show up under TLS1.2 but they are visible for other protocols.



Fix Information

Resolved issue to ensure that DHE-RSA-AES256-SHA256 and DHE-RSA-AES128-SHA256 is supported only for TLS1.2.

Behavior Change