while persistence might not be the culprit it may be the decrypt\encrypt im doing on the F5 to be able to utilize persistence. if i change the persistence to SSL persistence (no decryption) it works.
i think the issue is with ssl decryption enabled BigIP can decrypt the IIS SSL traffic that has our cert on it but fails to decrypt the java traffic that has the vendors cert on it.
im guessing they are doing code signing on their java app. anyone ever run into this situation the cert used in the java app isnt the same as the cert used on the website itself?