Forum Discussion
Simon_Blakely
Dec 01, 2020Employee
Well, it looks like the ServerHello from the Cloudfront server does not meet the server-ssl profile requirements, and the BigIP terminates the connection. You have to figure out what works, and make sure that the server-ssl profile matches.
Look at the incoming client-side ClientHello. The outgoing server-side ClientHello needs to match as closely as possible. Check for a Server-Name Indication extension on the server-side. Check the supported TLS protocols and ciphers.
Craft a specific server-ssl profile to ensure that as closely as possible, the ClientHello requests match.