Lync 2013 Devices using F5 as Reverse Proxy can't connect

We've just deployed an on premise Lync 2013 environment (upgrade from 2010) using F5 BIG-IP LTM as the Reverse Proxy. This was deployed using the updated Lync 2013 iApp template.

I cannot get an iOS device to connect, however Android, (some) Mac OSX Lync clients, Windows Phone 8, external Windows 2013 clients can.

We have a Microsoft MVP onsite (has been for 3 weeks) and we can't seem to work it out either. I found an article where a user connected to the console of the F5 and run the following command:

openssl s_client -host lync.domain.com -port 443

it gives us the output of verifying the certificate chain. I get the error:

Verify return code: 20 (unable to get local issuer certificate)

The current certificate configuration is:

• Edge Servers have a wildcard external domain certificate by DigiCert.
• Front End Servers have an internal certificate provided by our Internal CA.
• The F5 have the wildcard certificate in the SSL profile as requested by the iApp template.
• I have pushed all of the above certs (Internal Root CA cert, Internal Intermediate CA cert, Front End Cert, External DigiCert CA, Wildcard Cert) to the iOS device using our MDM server.

I checked the SSL certificate list on the F5 Appliance and from what I can see all the certificates are installed, although they are not explicity connected to any of the iApp properties.

We're pulling our hair out! I'm still pretty green with F5.

There are no errors in the console of the iOS device by connecting the device to iPhone Configuration Utility.

I can only assume theres something missing on the F5, and its likely to do with a certificate chain. No idea where to from here.