Forum Discussion

Nimbostratus

12 years ago

SSL Offloading -> Certificate Unknown

Hi, We were able to implement SSL offloading but recently required even the next flow of traffic to be https. Here's the flow: Client browse HTTPS: VIP(1st) --> SSL Offloading --> HTTP node...

Employee

12 years ago

Are you requiring client certificate (mutual) authentication at either VIP? It may be a good time to start an SSLDUMP capture to see exactly where the SSL is breaking:

ssldump -k [path to private key] -i 0.0 -AdNn port 443 [and any additional filters]

If you are requiring client certificate, you'll also need to make sure that the certificate that the client is presenting is trusted by virtue of the explicitly-assigned certificate authorities bundle in the client SSL profile.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)