Unknown SSL protocol error in connection to Node

Hi all,

we have a problem with certain LTM pools after migrating from SNI based monitors to SSL health monitor with SSL server profile included. The server name in the new health monitor and in the old SNI monitor are tthe same.The pool members are standard Azure Windows IIS servers and configured equally (as far as I know), listening on port 443. With the new health monitor active one pool member node is doing fine while the other is going down.

Using curl as a test on the Bigip shows me

...

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* Unknown SSL protocol error in connection to 10.254.8.16:443

* Closing connection 1

curl: (35) Unknown SSL protocol error in connection to 10.254.8.16:443

The working one shows me

...

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (OUT), TLS alert, Server hello (2):

* SSL certificate problem: unable to get local issuer certificate

* Closing connection 1

So we wonder what the difference between the SNI monitor and the "standard" one is. Hopefully someone will pick this up and give me a hint :-)

Thx!

best regards,

Alexander

application delivery

BIG-IP

LTM

Forum Discussion

Unknown SSL protocol error in connection to Node

Recent Discussions

Can i apply ddos profile on virtual server using port range

How to implement LTM forward proxy client to determine the diversion pool based on the domain name

ASM Export JSON - size Limit ?

SNI Sites not taking correct certificate.

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

Related Content

Proxy Protocol v2 Initiator

SSL protocol mismatch

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet

HTTP/2 Protocol in Plain English using Wireshark

Mitigating the Unknown

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS