Forum Discussion
sgnormo
Cirrus
CirrusSSL PROXY
I am looking at the SSL Proxy feature to see how it works and if there is possible benefits. I have gotten it to the point where the traffic is getting through and negotiation is "working". I have...
Hi sgnormo ,
maybe you have missed some configuration for ssl proxy feature , I understood from Pcap snapshot that F5 could not validate destination server certificate to pass it to the client , so as a result of this error in ssl sequance ( Specially regarding to ssl Proxy deployments ) F5 send RST packets to close ssl connection , so I see that F5 Resets the destination server (First RST) and the client as well ( Second RST ).
So , I susbect that , there are missing configuraton regarding ssl proxy or a certificate mismatch between F5 and destination server .
For that reason , Please follow this KB well to configure and build ssl proxy correctly :
https://support.f5.com/csp/article/K13385Also take a look in this Article :
https://support.f5.com/csp/article/K13393
Hi sgnormo ,
maybe you have missed some configuration for ssl proxy feature , I understood from Pcap snapshot that F5 could not validate destination server certificate to pass it to the client , so as a result of this error in ssl sequance ( Specially regarding to ssl Proxy deployments ) F5 send RST packets to close ssl connection , so I see that F5 Resets the destination server (First RST) and the client as well ( Second RST ).
So , I susbect that , there are missing configuraton regarding ssl proxy or a certificate mismatch between F5 and destination server .
For that reason , Please follow this KB well to configure and build ssl proxy correctly :
https://support.f5.com/csp/article/K13385
Also take a look in this Article :
https://support.f5.com/csp/article/K13393