Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Failing health checks - Failed SSL Negotiation

 

Information

 

Summary:

Real Server is failing health checks, found "Failed SSL negotiation" in the log files.

Environment:

Product: LoadMaster

Version: Any

Platform: Any

Application: Any web-based application

Question/Problem Description:

What do "Failed SSL negotiation" log messages indicate?

Steps to Reproduce:  
Error Message: Failed SSL negotiation
Defect Number:  
Enhancement Number:  
Cause:

HTTPS Protocol health checks are in use on the VS/SubVS indicated within Virtual Services > View/Modify Services > modify the indicated Virtual Service > if necessary, modify the indicated SubVS > Real Servers.

This message indicates that the underlying TCP connection is able to form as expected, but the SSL handshake is failing.

Resolution: A packet capture should be taken from the LoadMaster to determine why the SSL handshake is failing. This can be done by navigating to System Configuration > Troubleshooting > populate the Real Server address in the Address field > Start > wait one minute for health checks to run > Stop > Download. Open the file with a tool such as Wireshark.
Workaround:  
Notes:

https://support.kemptechnologies.com/hc/en-us/articles/6370901430157-Troubleshooting-Connectivity-to-and-from-the-LoadMaster


Comments