Forum Discussion
Ajit
Altostratus
AltostratusSSL handshake failure using serverssl (F5 and Citrix Netscaler)
Hello F5 Experts,
I am getting fatal ssl handshake failure(40) right after the server hello message from the Citrix Netscaler which sits and the vendor location. I can see in wireshark that the TLS...
can you change Secure Negotiation to Request and test
AjitAltostratus
AltostratusHello All,
@Anesh - I will provide the configuration by tomorrow however I would like to tell you that there is nothing extraordinary in the configuration. Client & server ssl profiles have been applied to the VIP.
@Nathan - Nope, I have not applied the default ssl profile. Monitor has been applied & it is working correctly. I have reviewed the logs at warning level & hence it does not show me anything specific to the failure reason.
@Abbott - I will provide the SSL config tomorrow. The F5 is running on 11.6.2 so the first link is not releavent for my scenario.
Second link again not for my case reason being proxy SSL is disabled & my version of code is lower.
Third link has some useful information but my serverssl profile is configured correctly with the cert,key & chain parameters. However in the wireshark capture or SSL dump above I receive the fatal error right after the Server Hello & the destination server presents its certificate post the fatal error. The certificate is from a trusted root CA(Comodo).
I really appreciate the inputs provided by you all. Please continue to provide your thoughts. I will also continue to deep dive into this issue.
Regards,
Ajit