Forum Discussion
Not aware of any; I believe my problem stemmed from the assumption that whilst the F5 is doing outbound NAT it would be able to do OCSP requests, but the OCSP requests are trapped by firewall config (That'll stop it working), so probably mine is simply a networking issue not an F5 issue as such, but I've yet to demonstrate that in anger.
Again a support ticket got a comprehensive response from Charles Rosenberg.
Configuring TLS optimally is surprisingly hard work these days, a current F5 box helps in that the defaults are good.
But I think any tooling that can be done to help would be great, in terms of diagnosing resolver, or exposing what parts are failing as precisely as possible. Qualys SSL Labs doing a great job on the testing:
https://www.ssllabs.com/ssltest/index.html