Nicholas_van_Bu
Nimbostratus
Nov 08, 2018

Load Balancing: Performance Layer 4

I hope someone can help?

I have set up my nodes and pools and VIP. And I have permitted all protocols to make for an easier test. I can reach the base IIS website on each node separately and on the VIP with no problem.

However, the actual site I want to reach is published on port 10000 over https.

So:

http://Server1.company.com = OK

http://Server2.company.com = OK

https://Server1.company.com:10000/web/login.htm = OK

https://Server2.company.com:10000/web/login.htm = OK

http://Server.company.com = OK

But

https://server.company.com:10000/web/login.htm = ERR_SSL_PROTOCOL_ERROR

I have read a few posts that state that Performance Layer 4 is the way to go on the basis that I do not want to manipulate the packets in any way. Just pass them through. Furthermore, as I understand it, there shouldn't be a need to install the server certificates, for the same reason.

Some additional information.

Each server has been configured by the software company and presents a self-signed certificate for that company. So this is not trusted by the browser.

These certificates do not include an SAN for the shared FQDN (server.company.com).

But I am not sure this should make a difference if no SSL manipulation is needed.

The desired outcome is that the F5 load balances the website across each server and that the certificate, even though it is not trusted, is still presented to the browser.

Any ideas?

  • Surgeon
    Ret. Employee

    Do you get the same issue when you bypass the big-ip? Can you share your vip and pool config?