- Bronze, 100 points or more
i need a hint on how to troubleshoot ssl connectivity through the ACE.
The client connectivity via the VIP randomly produces strange error messages with the application inside the browsers. A quick sniff of the VIP on the according ACE context sometimes shows following error in the traced packets.
Secure Socket Layer
SSLv3 Record Layer: Alert (Level: Fatal, Description: Illegal Parameter)
Content Type: Alert (21)
Version: SSL 3.0 (0x0300)
Symptoms using IE:
User is browsing through the portal application everything works out. Out of nowhere the user randomly receives a "Page cannot be displayed" while clicking a link in the portal. If the user clicks the link again once or sometimes twice the behavior disappears for a while. This error can show up for the whole page or only a single frame within the page.
Symptoms using Firefox:
User is browsing through the portal application everything works out. Out of nowhere the users randomly receives a "secure connection failed" while clicking a link in the portal. The detailed browser message is "SSL_ERROR_DECRYPTION_FAILURE: Bulk data decryption algorithm failed in selected cipher suite". If the user clicks the link again once or sometimes twice the behavior disappears for a while.
I'm not sure if there is a relation between the captured ssl handshake error and the symptoms shown in the browser. To make sure it is an ACE error or not I need a solid approach to troubleshoot. So if anyone has good advice, please let me know.
Thanks for reading