But another sure way to increase your SSLLAB score is to enable HPKP ( http public key pining ). This process is simple to create and if you can inject the HTTP-header "Public-Key-Pins:" and the pin, you can increase the comfort level within the browser.
Here's typical A+ score as seen on SSLAB for a website i just recently built
I'm going to focus on HPKP pinning.
1st to find your https-site public-key is quite simple.
openssl s_client -connect www.example.com:443 | openssl x509 -noout -pubkey > yoursitepub.key
The above example will create a file with the following context
Alternative, you can use the quick hpkp calculator ;)
Tools that's helpful
In a F5, you can apply a public key pin with in a LTMPOLICY
Now keep in mind Google has redacted the HPKP in a recent announcement and they refer to the Expect-CT header.
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
=( @ @ )=