Forum Discussion
Rodolphe_AUBINE
Jun 20, 2012Nimbostratus
How to SSL debug in details...
Hi all,
I have a virtual server that is set in two-way SSL authentication and I have a lot of trouble to find the various causes related to the handshake phase for example.
This is not my first virtual server in this mode. Most of my clients connect perfectly to the latter but one is still ko.
This is actually a client through an Alteon 2424 SSL to establish connections specializes in background.
SSL Server side profile everything is OK: by disabling certificate checking customer, external PKI service that sold me the SSL Server Certificate test and proves that everything is OK: certificate, chain intermediate and root.
SSL Client side profile, the configuration is OK (require level 2 once as usual).
I have already activated the DEBUG level logs for SSL visible in the log / var / log / ltm. I also placed iRules for all SSL-related events to view details of each step.
Question: how to find the explanation or exact mapping of these technical messages examples :
debug tmm[5581]: 01260009:7: Connection error: ssl_codec_parse:521: invalid record length (51)
debug tmm[5581]: 01260009:7: Connection error: ssl_shim_vfycert:2368: application verification failure (42)
tmm[5581]: 01260013:6: SSL Handshake failed for TCP from XXX.XXX.XXX.XXX:443 to YYY.YYY.YYY.YYY:ZZZZZ
I have also check this URI :
https://devcentral.f5.com/wiki/iRules.SSL__verify_result.ashx
http://www.openssl.org/docs/apps/ve...IAGNOSTICS
Thanks in advance,
Sorry for english words, i am french !
Rodolphe
- hooleylistCirrostratusHi Rodolphe,
- Rodolphe_AUBINENimbostratusHappy to see that I really have searched everywhere....
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects