KEMP 7.1-16 SSL handshake for health test fails


i have a kemp VLM 200 and 3 2012R2 servers running exchange 2013 cu6.

now when configuring the health checks for the https services all works fine with the out of box exchange and kemp templates.

I now have installed a certificate from the Enterprise PKI on the exchange boxes and from all windows machines it is ok.

when i look back at the kemp it says all 3 servers are down and the logfiles show
"SSL hand shake failure"

i now installed the Enterprise root certificate on the kemp as intermidiate and use the certificates for the servers on the VS. Still i get "SSL handshake failure".

When i disable health check and ssl on the VS all is fine and works.

i can only conclude that somehow the handshake fails but i am lost now on what to test or do. anybody any idea?



For you health checking, have you use "HTTP/1.1" enabled. If so can you try it with that option been enabled.


we have tryed that but that makes no differance.

when i check the certificate on the exchange server it has a CRL of the AD OU only. Does the Kemp need to reach the CRL as present on the certificate to make a handshake for health chekking ?