Forum Discussion

Nimbostratus

Feb 10, 2016

SSL Handshake Error

Hello, I'm fairly new to F5 but have unfortunately been tasked with updating all network connections to TLS 1.2 (only) To that end I'm simply trying to put a SSL enabled LTM Virtual Server in front ...

Employee

Feb 11, 2016

Not sure which LTM version you're on, but server side TLS1.2 is supported in most platforms. There's a couple of things I'd try next:

Open an SSH connection to the BIG-IP and issue an openssl s_client command to the server
```
openssl s_client -connect x.x.x.x:9200
```
What do you see? Does it succeed or fail? Does it indicate that Secure Renegotiation is enabled? If it fails, then you may have some unique TLS protocol or cipher requirements.
Start an SSLDUMP capture on this internal interface
```
ssldump -AdNn -i [internal VLAN name] port [encryption port]
```
ssldump will show you the SSL handshake process and, hopefully, where the handshake is failing

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Handshake Error

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

SSL Profiles Part 1: Handshakes

HTTPS - Monitor SSL Handshake

TCP Internals: 3-way Handshake and Sequence Numbers Explained

Avoid SSL Handshake When Pool is Unavailable

ssl handshake failed

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS