Zuke_254875
Aug 29, 2018Altostratus
SSL handshake failure during SSO
Both our production and non-production service desk applications use SSO.
User connects to application VIP, which redirects users to the SSO VIP on 443.
The F5 configuration for these two environments are identical:
SSL bridging with default Client SSL profile as parent. No customizations except for the certificate/key/bundle.
However in the non-prod environment, the SSL handshake cannot complete. tcpdump shows a fatal error, certificate unknown, even though this is the same cert/key on the SSO server.
When I browse directly to the SSO VIP, the application works as expected.
Currently the work-around is to have the non-prod ITSD application server bypass the F5 and go directly to the SSO app server rather than the F5.