i would have assumed that in the HTTPS monitor but it doesnt seem to work that way... i am wondering if the cipher lists in the monitor dont match with whats on the cert.. the cert is set for AES_128_GCM and DHE_RSA.. the default monitor has - DEFAULT:+SHA:+3DES:+kEDH according to this - https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html - i should be able to update the ciphers..
You're actually talking about the SSL ciphers used in the handshake, not the parameters of the server's certificate. It is entirely likely that the default cipher suite in the HTTPS monitor is inadequate for the server. Do you know if the server requires a specific cipher suite? Did you have to do anything special in the cURL command to allow the SSL handshake to happen?
You'll probably want to spin up an ssldump at this point to see where the problem is. If it is indeed a cipher issue, you'll see that in the handshake with the ssldump capture.