Forum Discussion
[X509::whole [SSL::cert 0]] shows incomplete certficate
JDamian I know that the F5 typically doesn't look at HTTP responses after a certain line for HTTP health monitors so it could be a similar situation for this logging information. It's possible that we can assist in resolving your greater issue if you can expand on what issue you're having that resulted in you having to log the SSL certificate of a connection.
My greater issue is that after my LB team upgraded a F5 BIG IP device to 16.1.3.4 some apps requiring client certificate stopped working properly from certain clients -- an iRule did the job of requiring the certificate for last 5 years.
We have narrow down the problem to .NET client connections because the same client requests from SOAP-UI or Java have no problem.
- CA_ValliJun 27, 2023MVP
Was it a Major release upgrade?
First thing that comes to my mind in this scenario is that allowed/disallowed cipher suites might have changed. By any chance, do the clients that stopped working share some "legacy" SSL config?v16 suites: https://my.f5.com/manage/s/article/K05134218
v15 suites: https://my.f5.com/manage/s/article/K86554600
v14 suites: https://my.f5.com/manage/s/article/K97098157
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com