chic_cat_324145
Sep 18, 2018Altocumulus
SSL Proxy
Hello, I have multiple puppet masters behind f5 and would like to offload ssl on F5 and encrypt it again and pass to backend server. I created: a) client ssl profile (uploaded cert + private key from puppet masters) b) server ssl profile
a and b - enabled SSL PROXY
Created Pools, VIP, selected certs.
When I try to access pool through https getting this output:
- Rebuilt URL to: https://192.168.56.100:8140/
- Trying 192.168.56.100...
- TCP_NODELAY set
- Connected to 192.168.56.100 (192.168.56.100) port 8140 (0)
- ALPN, offering h2
- ALPN, offering http/1.1
- Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
- successfully set certificate verify locations:
- CAfile: /etc/ssl/cert.pem CApath: none
- TLSv1.2 (OUT), TLS handshake, Client hello (1):
- LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 192.168.56.100:8140
- stopped the pause stream!
- Closing connection 0 curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 192.168.56.100:8140
L4 works just fine - so not an issue on the backend servers.
Any thoughts?
Thanks!
This helped. Thanks everyone, I finally made it work!