Forum Discussion

Zuke_254875's avatar
Zuke_254875
Icon for Altostratus rankAltostratus
Aug 29, 2018

SSL handshake failure during SSO

Both our production and non-production service desk applications use SSO.

 

User connects to application VIP, which redirects users to the SSO VIP on 443.

 

The F5 configuration for these two environments are identical:

 

SSL bridging with default Client SSL profile as parent. No customizations except for the certificate/key/bundle.

 

However in the non-prod environment, the SSL handshake cannot complete. tcpdump shows a fatal error, certificate unknown, even though this is the same cert/key on the SSO server.

 

 

When I browse directly to the SSO VIP, the application works as expected.

 

Currently the work-around is to have the non-prod ITSD application server bypass the F5 and go directly to the SSO app server rather than the F5.