Forum Discussion

Nimbostratus

Sep 15, 2014

SSL Handshake failure / Verify irule

I'm trying to Troubleshoot the below Issue. Application sends an certificate to the LTM (it is set up on https URL to send certificate to ltm to authenticate itself has valid), the below irule is ...

Cirrostratus

Sep 16, 2014

Hmmm, I'm not sure about your logic here. What do you want to do? I'm guessing here;

CLIENTSSL_HANDSHAKE: If the client presents a cert, log the fact and proceed. If no cert, proceed.
HTTP_REQUEST: If a specific URI is requested, check a cert was presented. If not, force renegotiation. If so, proceed.
HTTP_REQUEST_SEND: Use clientside context, insert SSL certificate used as a header.

Not sure why you are using HTTP::collect/release.

Why force renegotiation? If the client didn't present a certificate first time, why would this help?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SSL Handshake failure / Verify irule

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

BIG-IP Proxy SSL 12.1 Handshake Failure

SSL Profiles Part 1: Handshakes

TCP Internals: 3-way Handshake and Sequence Numbers Explained

SSL handshake failure using serverssl (F5 and Citrix Netscaler)

Mitigating OWASP Web Application Risk: Identification and Authentication Failure using BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS