Forum Discussion

Draccus_329074's avatar
Draccus_329074
Icon for Nimbostratus rankNimbostratus
Aug 01, 2017

Kronos WFC through F5 VIP

I have an issue whereby I need to pass https traffic through to a Kronos webserver on port 444. Our Kronos clocks use 443, with a self signed cert, which all works fine. I now need to get the web based application and the Android/iPhone app working separately to the clocks. I have the web site working fine on port 444 with a 3rd party SSL cert and it doesn't throw any SSL errors. However the APP just keeps throwing out the connection saying " You might be connecting to a server that is pretending to be xxx.com, which could out your confidential information at risk". I have tried various configurations, including Proxy SSL, Proxy SSL passthrough, SSL forward proxy and SSL forward proxy bypass with no change. I am a little stuck now as I have hit the level of my knowledge. Any ideas on what I am missing?

 

2 Replies

  • What APP are you referring to? It sounds like the client simply cannot validate that the SSL certificate is legit. Where is the SSL certificate located? Big-IP or application server? Are you bundling the chain cert with the SSL cert if a chain cert is necessary?

     

  • Cert is on the web server, though after further testing with the app on my iPad I can get to a login screen. So it looks like the issue may be related to the APP version on my iPhone or cert settings on the iPhone itself. Further investigation required I think.

     

    Thanks for the reply.

     

    Draccus