Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

ssl handshake failure issue from loabalancer to the backend application server

Thiyagu
Cirrus
Cirrus

‎14-Mar-2021 23:34

Hello All,

I'm finding ssl handshake failure issue from load balancer to the backend application server. We have different application server pool mapped to single Virtual server using irule.

 

Out of the different application server pool, for one of the server pool application servers are listening on port number 443.

 

Could you please suggest how to make the load balancer as a client for the successful handshake with the server?

 

I'm not able to configure the server side profile as the other servers are listening on http port.

 

Please suggest to fix the issue.

Labels:
0 Kudos
1 REPLY 1

eey0re
Cirrostratus
Cirrostratus

‎16-Mar-2021 20:27 - last edited on ‎04-Jun-2023 21:00 by Fog

Do you mean one pool has servers which use TLS, but the other pool or pools don't?

In this case, you should attach a Server SSL profile to the Virtual Server, but disable it using the iRule that selects your pool, when required using the command: SSL::disable serverside

I don't know how your iRule decides on pools, but for example:

when HTTP_REQUEST {
    if { [HTTP::uri] starts_with "/nonhttpspool" }{
        SSL::disable serverside
        pool nonhttps_pool
    } else {
      pool https_pool
    }
}

Remember that without a OneConnect profile, only the first request of the connection can select the pool.

Copyright © 2023 Khoros, LLC