Forum Discussion
AltocumulusRST after client hello
AltocumulusThanks for your reply. I added SNI and still got the same response. I tried to force it to use TLS1.2 as well but it did not resolve my issue.
- Injeyan_Kostas
Nacreous
Could you share you monitor settings and a packet capture?
Have tried the same request with a curl from F5?
- nurairtt91
Yes, I tried with the Curl command as well. It was reporting "unknown SSL protocol error". I tried to initiate the connection using the openssl command and tried to force it with different TLS versions (1.0, 1.1, and 1.2) and sent SNI, but still no luck.
SSL handshake only fails for the custom port, but when I initiate using 443, it works fine from F5 (Curl, openssl, and health check).
[Active:Changes Pending] log # openssl s_client -connect x.x.x.x:custom_port -servername example.com
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 276 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
Start Time: 1753690172
Timeout : 300 (sec)
Verify return code: 0 (ok)
SravsHi nurairtt91
The most likely cause is that the backend server is not running SSL/TLS on the custom port. Can you try from F5: curl https://x.x.x.x:custom_port
Is that connecting and providing successful response ?
