Forum Discussion
Fluidtom_15505
Sep 12, 2011Nimbostratus
Could not establish trust relationship for the SSL/TLS secure channel
Hi,
We have two F5 v10.1 in synch for our test environment.
We are currently testing migration scenario from SharePoint 2007 to SharePoint 2010.
We have one URL (https://test.domain.com), managed by an irule that redirects to a server pool with our SP2007 servers. If the url is https://test.domain.com/sp2010, all the traffic will be redirected to the server pool for SharePoint 2010. Note that we break the SSL at the F5 level, all our servers "behind" the F5 are in HTTP.
Everyting was running fine until we had to renewed the certificate for https://test.domain.com.
- We generate a new certificate in our CA
- We went to Local Traffic > SSL cert > Import and successfully imported the new cert.
- Then we went to Local Traffic > Profiles > SSL > Server and select the new cert and key and clicked on update
- Then went in Local Traffic > Virtual Servers > test.domain.com_https > and made sure the right profile was selected, clicked on update
- Performed a sync to the peer
Now the logs of both Sharepoint 2007 and 2010 are full of error message like these
SharePoint.PSNavigation.GetXslt exception: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
at System.Net.HttpWebRequest.GetResponse()
at Swift.Corp.SharePoint.PSNavigation.PSNavigation.GetXslt()
and
The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request) at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebRequest request) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at Swift.Corp.SharePoint.PSKb.IM.EventReceivers.NintexWs.NintexWorkflowWS.StartWorkflowOnListItem(Int32 itemId, String listName, String workflowName, String associationData) at Swift.Corp.SharePoint.PSKb.IM.EventReceivers.Archiver.<>c__DisplayClass4.b__0() at Microsoft.SharePoint.SPSecurity.<>c__DisplayClass4.b__2() at
Did we miss something on the F5 config?
Thanks in advance for your help!
- nitassEmployeeNote that we break the SSL at the F5 level, all our servers "behind" the F5 are in HTTP.
- geffryti_32102Nimbostratusyup, you should be using clientssl profile instead...
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects