cymru81
Aug 20, 2021Altocumulus
SSL reverse proxy
Looking for some advice please. We'd like to reverse proxy an internal server via a public ip address.
public VIP has a public certificate issued via a well known CA (client ssl profile) and is listening on port 443, this passes to a pool containing our internal server also on port 443 but this site is using an internal self-signed cert that doesnt match the public cert.
LTM logs show the following when client on the internet tries to connect:
SSL Handshake failed for TCP 1.2.3.4:64681 -> 5.6.7.8:443
1.2.3.4:64681 -> 5.6.7.8:443: Connection error: ssl_hs_rxhello:10784: alert(70) unsupported version
Is there any config we can do to make this work?