Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Failed SSL Negotiation log message

 

Information

 

Summary:

This article will discuss the significance of the "Failed SSL Negotiation" log message.

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any web-based application

Question/Problem Description:

We have a group of five VIPs that show a red status after migrating over.

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause:

The "Failed SSL Negotiation" log message occurs when the HTTPS Protocol Real Server Check Method is in use on the Virtual Service.

HTTPS_Protocol.png

The log is generated when the SSL handshake portion of an HTTPS connection is attempted, but is unsuccessful.

Resolution:

A packet capture can be taken from the LoadMaster to determine where the failure is occurring using the below link.

Troubleshooting Connectivity to the Virtual Service

When following this link, ensure that the real server in question is populated into the Address field and either the interface containing that network is selected or the global default gateway interface is selected in the event that the real server is non-local to the LoadMaster.

Workaround: The workaround for this is to drop the connection to TCP Connection Only. We strongly recommend against doing this, as the application will not be checked. When using TCP Connection Only, a TCP Connection will be established to the server using the port in the Checked Port field. If this is not populated, then the port of the real server will be used.
Notes:  

Comments