Skip to content
View in the app

A better way to browse. Learn more.
Gear Crushers

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Why am I getting Open SSL errors

dennis
in LTM Questions

Featured Replies

I'm getting a bunch of the following errors

Quote

Sep  9 06:55:01 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:03 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:04 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:05 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:06 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:08 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:09 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:10 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:11 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure.
Sep  9 06:55:13 usmifnt02.thezah.com err bigd[7070]: 01060111:3: Open SSL error - error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure. 

How do I troubleshoot this?

  • Moderators

F5 LTM can log failure messages for a specific pool member by setting the big process logging level to debug.  When set to debug, the bigd process will log error messages for specific pool members to the /var/log/bigdlog file

Steps are as follows from the CLI

Enable Debug 

tmsh modify sys db bigd.debug { value enable }

Monitor the /var/log/bigdlog file 

tail -f /var/log/bigdlog |grep 'return ssl false'

You are looking for the member is a message similar to this

Quote

ID 40 :(_ssl_shutdown_service): shutting down, return ssl false [ addr=::ffff:10.12.23.27:80 srcaddr=::ffff:10.12.23.139%0:52845 mon=/Common/https fd=9 ]

Disable debug logging 

tmsh modify sys db bigd.debug { value disable }

Verify that debug logging has been disabled by running 

tmsh list sys db bigd.debug

Now you know the culprit, go get em.

Common reasons for failures include:

  • Pool Member doesn't support the same SSL/TLS properties as the HTTPs monitor.  EXAMPLE: Pool Member doesn't support any version of TLS
  • A HTTPs monitor is applied to a non-HTTPS pool member in which case an HTTP monitor may mark the pool member status as available.

Create an account or sign in to comment
Go to topic listing

Important Information

By using this site, you agree to our Terms of Use.

I accept

Account

Navigation

Search

Search

Configure browser push notifications
Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.