I'm finding ssl handshake failure issue from load balancer to the backend application server. We have different application server pool mapped to single Virtual server using irule.
Out of the different application server pool, for one of the server pool application servers are listening on port number 443.
Could you please suggest how to make the load balancer as a client for the successful handshake with the server?
I'm not able to configure the server side profile as the other servers are listening on http port.
Do you mean one pool has servers which use TLS, but the other pool or pools don't?
In this case, you should attach a Server SSL profile to the Virtual Server, but disable it using the iRule that selects your pool, when required using the command: SSL::disable serverside
I don't know how your iRule decides on pools, but for example:
when HTTP_REQUEST {
if { [HTTP::uri] starts_with "/nonhttpspool" }{
SSL::disable serverside
pool nonhttps_pool
} else {
pool https_pool
}
}
Remember that without a OneConnect profile, only the first request of the connection can select the pool.
