Forum Discussion

Altostratus

Aug 29, 2018

SSL handshake failure during SSO

Both our production and non-production service desk applications use SSO. User connects to application VIP, which redirects users to the SSO VIP on 443. The F5 configuration for these two ...

Employee

Aug 29, 2018

Okay, so to be clear, "SSL Bridging" generally defines where the F5 both decrypts and re-encrypts the traffic to the server, which requires both client and server SSL profiles. If I can assume that there is NO client certificate auth going on, on either side, then the "certificate unknown" error is going to come from the client after consuming the server's certificate.

Browsers aren't usually that strict about bad server certificates. Worst case you'll get a certificate warning and click-to-continue.

So then I'd ask,

Does the app server require HTTPS?
Do you have a server SSL profile also applied?
And if yes to the above, which server SSL profile are you using?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL handshake failure during SSO

Recent Discussions

VIP needed for many UDP ports

Creating Policy using Terraform

Unable to get Internet in server using SWG forward Proxy.

ASM don't block attack XSS

AWAF ADD-ON MODULE

Related Content

BIG-IP Proxy SSL 12.1 Handshake Failure

BIG IQ backup failures

TCP Internals: 3-way Handshake and Sequence Numbers Explained

SSL handshake failure using serverssl (F5 and Citrix Netscaler)

SSL Profiles Part 1: Handshakes

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS