Failed SSL Negotiation log message
Information
| Summary: |
This article will discuss the significance of the "Failed SSL Negotiation" log message. |
| Environment: |
Product: LoadMaster Version: Any Platform: Any Application: Any web-based application |
| Question/Problem Description: |
A group of five VIPs is showing a red status after migrating over. |
| Steps to Reproduce: | |
| Error Message: | |
| Defect Number: | |
| Enhancement Number: | |
| Cause: |
The "Failed SSL Negotiation" log message occurs when the HTTPS Protocol Real Server Check Method is in use on the Virtual Service. The log is generated when the SSL handshake portion of an HTTPS connection is attempted, but is unsuccessful. |
| Resolution: |
A packet capture can be taken from the LoadMaster to determine where the failure is occurring using the below link. Troubleshooting Connectivity to the Virtual Service When following this link, ensure that the real server in question is populated into the Address field and either the interface containing that network is selected or the global default gateway interface is selected in the event that the real server is non-local to the LoadMaster. |
| Workaround: | The workaround for this is to drop the connection to TCP Connection Only. We strongly recommend against doing this, as the application will not be checked. When using TCP Connection Only, a TCP Connection will be established to the server using the port in the Checked Port field. If this is not populated, then the port of the real server will be used. |
| Notes: |