Forum Discussion

Nimbostratus

10 years ago

SSL Handshake Error

Hello, I'm fairly new to F5 but have unfortunately been tasked with updating all network connections to TLS 1.2 (only) To that end I'm simply trying to put a SSL enabled LTM Virtual Server in front ...

Employee

10 years ago

Not sure which LTM version you're on, but server side TLS1.2 is supported in most platforms. There's a couple of things I'd try next:

Open an SSH connection to the BIG-IP and issue an openssl s_client command to the server
```
openssl s_client -connect x.x.x.x:9200
```
What do you see? Does it succeed or fail? Does it indicate that Secure Renegotiation is enabled? If it fails, then you may have some unique TLS protocol or cipher requirements.
Start an SSLDUMP capture on this internal interface
```
ssldump -AdNn -i [internal VLAN name] port [encryption port]
```
ssldump will show you the SSL handshake process and, hopefully, where the handshake is failing

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Handshake Error

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Query on source IP preservation for syslog traffic through F5 virtual server

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Related Content

SSL Profiles Part 1: Handshakes

SUPER-WEBSOCKET-HANDSHAKE-LOGGER™® (SWHL) iRule

WS-Exfil-Shield: Catching What WAFs Miss After the 101 Handshake

HTTPS - Monitor SSL Handshake

certitcate error

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS