cancel
Showing results for 
Search instead for 
Did you mean: 

HTTPS Monitor fails after changing TLS Version

kgaigl
Cirrostratus
Cirrostratus

Hello,

 

following problem:

we've some pools with https monitors like this:

send string:GET /some/pingservlet HTTP/1.0\r\n\r\n receive string: 200 OK

no alias service port, no server ssl-profile

 

now the server admin changed on the server from apache with tls 1.0 to tomcat with tls 1.2

 

after that the monitor fails, but when I change on the pool the monitor to tcp or something like this, the server is up and now I change the monitor back to the original https monitor, the server is still up

 

when I check with curl -vk when the Server marks down i could still see "HTTP/1.1 200 OK"

 

Any idea, why the the monitor fails and after change and change back the monitor shows up?

 

Thank You

1 ACCEPTED SOLUTION

kgaigl
Cirrostratus
Cirrostratus

f***

I think I've found the cause:

https://cdn.f5.com/product/bugtracker/ID953601.html

 

View solution in original post

4 REPLIES 4

kgaigl
Cirrostratus
Cirrostratus

I forgot: Version is 14.1.4.4

kgaigl
Cirrostratus
Cirrostratus

f***

I think I've found the cause:

https://cdn.f5.com/product/bugtracker/ID953601.html

 

Karthick1
Cirrus
Cirrus

Please add the http version 1.1 and host header in send sting keep receive string as same.

 

Example :

 

GET /some/pingservlet HTTP/1.1\r\nHost:* \r\nConnection: Close\r\n\r\n

or

GET /some/pingservlet HTTP/1.1\r\nHost:abc.com \r\nConnection: Close\r\n\r\n

kgaigl
Cirrostratus
Cirrostratus

thank you, but option 1 didn't mak it better, option 2 we can't use because we use one monitor for multiple pools