Forum Discussion
CirrusSSL persistence not working correctly in v11.4.1
Hi, have anybody from you had issues with SSL persistence in v11.4.1? I had problem with Lync signing here.
After all we found that change from SSL persistence to source address persistence helped. But how it can be possible that SSL persistence influences signing process (application layer). LB without SSL certificate/key shouldn't affect application data at all.
BTW, this SSL persistence issue came from Lync 2010 iApp template and problem appeared only when old MOC 2007 R1 was used.
1 Reply
- Kevin_Stewart
Employee
SSL persistence uses the SSL sessionid established during the handshake to maintain stickiness. This has nothing to do, more or less, with the certificate and key used to establish the SSL session, nor the application layer processing above it. I'm guessing here, but the issue I think you're seeing is the result of clients and/or the server (F5) renegotiating the SSL at semi-random points during the session. Browsers do this quite frequently, so SSL persistence is rarely ever a viable option for browser-based access. There are still some clients, particularly the Citrix agent, that don't renegotiate SSL and where SSL persistence can be used, but it may just be that Lync is renegotiating and killing SSL persistence.
