EC certificate breaks remote desktop
Today I ran into a problem while trying to access a remote desktop via an APM webtop. APM will simply not respond when clicking on the remote desktop link. It turned out it stopped working after updating the certificate from RSA to EC. It seems RDP stops working when using an EC certificate. Below are some messages from /var/log/apm:
May 30 13:00:25 bigip debug tmm[11236]: 019cffff:7: /Common/ap_webtop_ipv6test:Common:00000000: RD: [C] 192.168.178.13.56758 i 10.255.255.1.443: Received OOB request: Sign data with clientSSL RSA key
May 30 13:00:25 bigip debug tmm[11236]: 019cffff:7: /Common/ap_webtop_ipv6test:Common:00000000: RD: [C] 192.168.178.13.56758 i 10.255.255.1.443: Could not request crypto: ERR_NOT_FOUND
After changing the certificate and key from EC to RSA the remote desktop links in the webtop started working again. The debug log isn't showing the 'Could not request crypto: ERR_NOT_FOUND' message anymore, instead it's sending OOB reply. See logging below.
May 30 14:37:35 bigip debug tmm3[11236]: 019cffff:7: /Common/ap_webtop_ipv6test:Common:00000000: RD: [C] 192.168.178.13.64486 i 10.255.255.1.443: Received OOB request: Sign data with clientSSL RSA key
May 30 14:37:35 bigip debug tmm3[11236]: 019cffff:7: /Common/ap_webtop_ipv6test:Common:00000000: RD: [C] 192.168.178.13.64486 i 10.255.255.1.443: Sending OOB reply
Hope this info will help anyone who runs into the same issue.
BTW, this BIG-IP runs version BIG-IP 16.1.4.2 Build 0.0.3 Point Release 2