Salmander
Sep 30, 2020

SSL Handshake errors - no additional information in ltm log - v13.1.3.5

Hi. I need to troubleshoot some SSL Handshake errors, and I understood that additional logging should already be available in the LTM log, but it is not on my v13.1.3.5 LTM-VE. I have tried changing the log.ssl.level value to Debug but it has no effect. I want to understand what cipher the external client is sending in with, as our ciphers for this SSL Profile:Client is set to DEFAULT.

Please can anyone advise?

3 Replies

  • Hi Salmander,

    Can you try this iRule?

    when HTTP_REQUEST {
    	log local0. "Cipher=[SSL::cipher name] - Version=[SSL::cipher version] - Bits=[SSL::cipher bits]"
    }
    • Salmander

      Thanks for the reply. That works well for traffic which is successfully processed by the F5 but does not appear to work for traffic that is reported by the "SSL Handshake failed for TCP" issue.

      I have added Source IP Address=[IP::client_addr]:[TCP::client_port] to your iRule so the source IP address and source port are reported in the log, but the iRule does not appear to be run for the traffic that has the SSL Handshake error, by verifying the source IP address/port details.

  • Hi Salmander,

    You can use SSLDump to troubleshoot your SSL Handshake issue.

    • https://support.f5.com/csp/article/K10209
    • https://support.f5.com/csp/article/K15292

    Regards
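
The question in this thread is which ciphers the external client offers on connections that fail the handshake. The ClientHello is sent in cleartext before any failure, so the offered list can be read from captured bytes. The parser below is an added example, not code from the thread participants or from F5; the function names, the name table and the sample bytes are constructed for illustration, and it assumes the whole ClientHello sits in one TLS record.

```python
import struct

# Name table covering only the constructed sample; unknown IDs print as hex.
SUITE_NAMES = {
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
    0x00FF: "TLS_EMPTY_RENEGOTIATION_INFO_SCSV",
}
VERSIONS = {0x0300: "SSLv3", 0x0301: "TLSv1.0", 0x0302: "TLSv1.1", 0x0303: "TLSv1.2"}


def parse_client_hello(data: bytes) -> dict:
    """Extract the legacy version and offered cipher suites from one TLS record.

    Assumes the whole ClientHello sits in a single record (no fragmentation).
    """
    if len(data) < 9:
        raise ValueError("too short for a record header plus handshake header")
    rec_type, _rec_ver, rec_len = struct.unpack("!BHH", data[:5])
    if rec_type != 0x16:
        raise ValueError("not a TLS handshake record")
    body = data[5:5 + rec_len]
    if len(body) != rec_len or rec_len < 4 or body[0] != 0x01:
        raise ValueError("truncated record or not a ClientHello")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    try:
        (client_ver,) = struct.unpack("!H", hello[:2])
        pos = 2 + 32                       # client_version + random
        pos += 1 + hello[pos]              # session_id length byte + session_id
        (cs_len,) = struct.unpack("!H", hello[pos:pos + 2])
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    raw = hello[pos + 2:pos + 2 + cs_len]
    if len(raw) != cs_len or cs_len % 2:
        raise ValueError("bad cipher_suites length")
    ids = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, cs_len, 2)]
    return {
        "version": VERSIONS.get(client_ver, hex(client_ver)),
        "suites": [SUITE_NAMES.get(i, f"0x{i:04X}") for i in ids],
    }


def build_sample() -> bytes:
    """Constructed ClientHello (not captured traffic) offering two CBC suites."""
    suites = struct.pack("!3H", 0x002F, 0x0035, 0x00FF)
    hello = struct.pack("!H", 0x0301) + bytes(32) + b"\x00"
    hello += struct.pack("!H", len(suites)) + suites + b"\x01\x00"
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return struct.pack("!BHH", 0x16, 0x0301, len(hs)) + hs
```

Comparing the returned suite list with the ciphers enabled on the client SSL profile shows whether the two sides have any suite in common.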