Server Side SSL Handshake Failures
Customer currently can connect to SharePoint directly over 443. When putting the BIG-IP in the mix, users are getting page cannot be displayed. After running a TCPDump, 3 way handshake occurs, client sends client hello and server sends RST. When running SSLDump, client sends cipher list and nothing in return from the server other than a RST. OpenSSL results below. Thoughts? Again, customer can connect directly to the webserver using the same url over 443 though through BIG-IP it fails. Customer has attempted to use different server ssl profiles to include default, secure, insecure compatible.
Current troubleshooting steps taken.
NETMON from web server: Syn > Syn/Ack > Ack > Client Hello > RST
SSLDump: Client Hello > RST
OpenSSL: openssl s_client -connect app.example.com:443 CONNECTED(00000003)
write:errno=104 no peer certificate available No client certificate CA names sent SSL handshake has read 0 bytes and written 249 bytes
New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE
Use of different Protocols: openssl s_client -connect -tls1_2 openssl s_client -connect -tls1_1 openssl s_client -connect -tls1 openssl s_client -connect -ssl3 openssl s_client -connect -ssl2
LTM Log: SSL Handshake failed Server > Self IP with status code 01260013
No Curl attempted to this point.