Forum Discussion

Nimbostratus

Sep 07, 2015

Health check fails on HTTPS, even though port is open

I am basically using the F5 as a proxy for an HTTPS service, but when I use the built-in https health check to monitor the pool, it fails. The port is definitely open as it responds to direct browse...

MVP

Sep 08, 2015

You can also try to run this command to see if there's a problem with the handshake and see what cipers that's accepted.

echo "Q" | openssl s_client -connect www.site.com:443

Perhaps your server SSL profile has an incompatible accepted ciphers string? Or perhaps the web service uses a client certificate?

You can test the default cipher by running this command (this cipher string is the default from 11.5.0-11.5.3):

echo "Q" | openssl s_client -connect www.site.com:443 -cipher '!SSLv2:!SSLv3:!MD5:!EXPORT:RSA+AES:RSA+3DES:RSA+RC4:ECDHE+AES:ECDHE+3DES:ECDHE+RC4'

You can find the default ciphers here: https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13171.html

/Patrik

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Health check fails on HTTPS, even though port is open

Jeff - May 2026 Featured F5er

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

Recent Discussions

Trial License for F5 virtual edition in eve-ng

certitcate error

about create wide ip,

Dynamic import of data groups

Changes to DO and AS3 GitHub - no longer monitored

Related Content

F5 HTTPS Redirect 2025

HTTP Health Monitor Failure Behavior

Health Check is returning HTTP code 302

F5 Distributed Cloud - Regional Edge Health Monitoring Insights

Simplifying Application Health Monitoring with F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS