"SSL initiation failed" error and VMware View

We are having major problems establishing SSL connections to our VMware View 3.x VIPs. Intermittently our clients are being presented with an "SSL intiation failed" message. At first VMware pointed us at this article, which leaves you with the impression that somehow something is wrong with the LTM configuration:

 

http://kb.vmware.com/selfservice/mi...Id=1009227

 

However from network traces, I think I have isolated this problem to the way that the View client software handles SSL certificates when the certificate spans more than three TCP segments. I think by changing the VS config as directed in the article, you are simply moving the SSL termination endpoint back to the connection server. In our case, the connection servers use the self-signed certificate which is smaller than the real cert applied to the VIP. And since the self-signed cert is smaller, it fits into a smaller number of TCP segments.

 

It seems VMWare knows about it, which makes me wonder why they implicate the LTM:

 

http://communities.vmware.com/message/1558870

 

We have a case open with VMWare now. Initially they referred us to the "change VIP to Fast L4" article, which I did as a workaround. But I continue to reproduce on a test VIP, and now I feel I have provided them with enough trace analysis to prove this is a client bug. I was wondering if anyone else had run into this before.

 

I will post something when this is resolved.