SSL issues with new setup
We are doing our actual implmentation of the F5 BigIP LTM VM version 17.1.03 (build 0.0.4). It's a little bit complcated because we are trying to load balance an application (Microsoft Dynamics Navision 2018) and not just HTTP or HTTPS traffic. However, for initial testing, one of our servers in the pool being load balanced will at least show an IIS welcome page so I'm testing by just using HTTP/HTTPS. I have my nodes set up in my pool and I've currently only have the 1 node active that gives an IIS welcome page (the other just gives an error). I have our wildcard certificate imported and set as the "SSL Profile (Client)" within my virtual server for 443. If I go directly to http://msnav01.domain.com I get the IIS welcome page. If I go to http://bigip.domain.com I get the IIS welcome page. If I go directly to https://msnav01.domain.com I get the IIS wecome page. If I go to https://bigip.domain.com I eventually get a "site can't be reached" with "err_connection_reset" message. Checking the LTM log gives me a less-than-useful "SSL Handchange failed" error message and even with the logging turned up I'm not getting much more uesful info
Sep 27 16:53:07 BigIP.domain.com info tmm: 01dd0002:6: /Common/Wildcard23-24: SSL Handshake details for TCP <client IP>:33343 -> <virtual server IP>:443 entity: server SID: <server sid here> version: TLSv1.2 cipher-suite: ECDHE-RSA-AES128-GCM-SHA256 key-exchange: 333 bytes client-cert-sha1: N/A server-cert-sha1: N/A mutual-authentication: false
I've looked at a lot of different articles but nothing has solved the issue or even helped me move forward. I've tried turning off the "Generic Alert", setting the Cashe size to 0, turning up the logging to debug, etc. I'm at a loss and just not sure where to go next. I'm positive that the issue is something with the cert or the implmentation of the cert, just not sure where to go next.
Thanks in advance!