Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Custom SSL TCP monitor

Hello All,

I am trying to monitor TCP server port which does have SSL turned on.

We are not hosting a website or web service using this port. This is simply a TCP server port with SSL. This isnt a standard 443 port therefore I think I will need to send some string on my custom monitor but not sure what to send?

How can I do this?Any help will be great.

Thanks

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Not a big fan of them, but you could use an external monitor for this and utilize openlssl.

https://devcentral.f5.com/articles/ltm-external-monitors-the-basics

The following command should establish a connection and close it again. You could replace Q with whatever command you wish to send to the server (or keep it if you just want to test ssl):

echo "Q" | openssl s_client -connect www.site.com:443

A link to the s_client man page:

https://www.openssl.org/docs/manmaster/apps/s_client.html

/Patrik

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

what exactly is listening on it? just a tcp port with SSL sounds kinda odd. is it for some home build application?

a https monitor on another port might still be enough, in principle it is nothing more then doing the ssl (which you say you are doing) and then sending something. but that is more application related.

of course Patriks method might be an option, but i'd start with the https monitor on a different port.

0