Forum Discussion
Thank you for your response.
I have an update to this, and then I'll answer your questions. I thought we had solved the problem. The fix that worked for almost a week. In the SSL Client Profile of the virtual server that did not work, the following three settings have to be changed. If one remains as it was, the Project client still breaks. Under the Client Authentication section: Client Certificate: Originally was set to require, change to ignore Trusted Certificate Authorities: Originally set to a custom certificate authority bundle, changed to none. Advertised Certificate Authorities: Originally set to a custom certificate authority bundle, changed to none.
This fixed everyone for 6 days and then all of a sudden some people have problems again this morning (but not everyone and I can't reproduce the problem for myself).
To answer your questions. We want to use APM, but I removed the APM profile off that virtual server. We still have the problem without APM involved.
Using HOSTS, we can bypass the problem. But most people do not have access to the subnet that the back end servers are on, so this only works for the SA and development team.
We did use Wireshark, but since it's all encrypted, there is very little we can learn. Nothing unexpected outside of the encrypted part. I also attempted tcpdump from the F5 to capture the decrypted traffic but I never got it right.