Forum Discussion

pgsmith_120398's avatar
pgsmith_120398
Icon for Nimbostratus rankNimbostratus
Dec 15, 2014

https monitor with un-trusted certificate

I'm working with an application that doesn't support importing a new SSL certificate. I would like to monitor the application using an https montior like:

 

SEND:"GET /application/api/status\r\n"

 

RECEIVE:"REGISTERED"

 

However when i configure the monitor it does not work. When running a CURL on that URL from an SSH session to the LTM instance i get a certificate warning because its not trusted. I believe this is causing the monitor to fail. Is there a way to tell the monitor to ignore certificate warnings when executing the SEND?

 

application delivery
cloud
deployment
LTM
vmware

6 Replies

Sort By
  • Greg_Crosby_319's avatar
    Greg_Crosby_319
    Historic F5 Account
    Dec 15, 2014

    Try adding -k while running curl to allow insecure connections and verify REGISTERED is returned.

     

  • shaggy's avatar
    shaggy
    Icon for Nimbostratus rankNimbostratus
    Dec 15, 2014

    f5 server-side SSL generally don't care about the server certificate as long as there is one. it could be a cipher compatibility issue, or your SEND string could be off. Did you test the GET in curl using a server-IP or the hostname?

     

  • Greg_Crosby_319's avatar
    Greg_Crosby_319
    Historic F5 Account
    Dec 15, 2014

    Try adding another \r\n to terminate get request; might be your server requires HTTP 1.0 compliant requests.

     

    ie: SEND:"GET /application/api/status\r\n\r\n"

     

  • pgsmith_120398's avatar
    pgsmith_120398
    Icon for Nimbostratus rankNimbostratus
    Dec 16, 2014

    thanks everyone, i figured it out. I assumed it was the untrusted SSL certificate that was the issue but it was how the SEND string was formatted. I ended up using:

     

    GET /application/api/status HTTP/1.1\r\nHost: LB-FQDN\r\nConnection: close\r\n\r\n

     

    and that resolved it. Thanks for your help.