For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Rest4real_13824's avatar
Rest4real_13824
Icon for Nimbostratus rankNimbostratus
Sep 29, 2015

IBM AIX SSL Certificate Offloading

I have tried to load-balanced two AIX Nodes running a secure website with no success. We have the SSL Certificate from the nodes and we have created a Client and Server Profile for the implementation...
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Sep 29, 2015

The client SSL profile is going to address the user to BIG-IP SSL session. The server SSL profile is going to address the BIG-IP to server SSL session. So then the question is, which of these is causing the issue? The best option for troubleshooting here would probably be to do a capture on both sides of the BIG-IP. A tool like ssldump will give you visibility into the SSL handshake:

ssldump -AdNn -i 0.0 port 443 [and any additional filters]

You can replace the 0.0 with the name of a specific VLAN to further isolate the traffic, or add a filter that only looks at specific addresses. In most cases though, if there's an issue with an SSL handshake, it'll become apparent in one of these captures.