LTM - Peer cert verify error - What is the Server IP
I'm running a forward proxy with SSLo and I'm trying to find a more elegant way of hunting down the server my clients are going to when I see entries like this in the /var/log/ltm log:
Sep 18 08:16:46 BIGIP00 warning tmm2[22922]: 01260006:4: Peer cert verify error: self signed certificate in certificate chain (depth 1; cert /CN=TrustedSource_CA/O=SCC/C=US)
This specific warning entry happens so frequently that it is a large noise source that I want to get rid of by identifying the clients trying to go to whatever this is, but the logs are not helpful in identifying the server IP that is generating this entry. Since this specific CN "TrustedSource_CA" happens frequently enough, I can run a tcpdump/ssldump on the external interface of the BIG-IP to look for this specific certificate and the corresponding server-side connection.
I haven't seen a way to turn on a level of logging that would assist me in determining the server IP address in question, and I'm looking for a better way to turn on logging that would capture the server IP address when a warning like this is produced at a low frequency.