Forum Discussion
SSL handshake failure using serverssl (F5 and Citrix Netscaler)
- Jun 25, 2018
can you change Secure Negotiation to Request and test
Hello All,
@Anesh - I will provide the configuration by tomorrow however I would like to tell you that there is nothing extraordinary in the configuration. Client & server ssl profiles have been applied to the VIP.
@Nathan - Nope, I have not applied the default ssl profile. Monitor has been applied & it is working correctly. I have reviewed the logs at warning level & hence it does not show me anything specific to the failure reason.
@Abbott - I will provide the SSL config tomorrow. The F5 is running on 11.6.2 so the first link is not releavent for my scenario.
Second link again not for my case reason being proxy SSL is disabled & my version of code is lower.
Third link has some useful information but my serverssl profile is configured correctly with the cert,key & chain parameters. However in the wireshark capture or SSL dump above I receive the fatal error right after the Server Hello & the destination server presents its certificate post the fatal error. The certificate is from a trusted root CA(Comodo).
I really appreciate the inputs provided by you all. Please continue to provide your thoughts. I will also continue to deep dive into this issue.
Regards,
Ajit
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com