Forum Discussion
4 Replies
- patonbikeCirrus
Which serverssl profile are you using? What certificate is installed on the IIS side?
Try "server certificate: ignore" just to see if it fixes it. If it fixes the problem, then the F5 doesn't trust the cert that IIS is presenting.
- patonbikeCirrus
Sorry, I misread, that error sounds like it is coming from IIS, not the LTM.. meaning that the error is between the client and the VIP not VIP and pool member.
What happens if you type in the from a web browser on the client's IIS server--does that work?
Do you see anything in /var/log/ltm?
Is it a public issued cert and website? If so I like to use https://www.sslshopper.com/ssl-checker.html to check the cert's chain.
- abhy201Nimbostratus
What happens if you type in the from a web browser on the client's IIS server--does that work?
I get the IIS Login screen when I run the VIP from the client IIS server. And I dont see anything in the LTM logs. Strange thing is it works when I bypass the F5 and directly use the server host.
- abhy201Nimbostratus
We have seen there was a missmatch in the cert name and LB VIP url. We were using a common cert used across different envts and the name was not matching to the VIP. Once this was udpated, the issue resolved.
Thank you for the info provided earlier.