Can SSL packet decode failures be due to various SSL/TCP conditions such as TCP false connections?

Document ID : KB000011056
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

 The TIM Settings screen shows a high degree of SSL decode failures. APM is showing defects and statistics. What could be another reason for SSL decode failures?

Environment:
All Supported APM Releases with a TIM.
Answer:

 SSL Decode failures can be due to TCP handshake packets on the SSL port that contain no data.

 An example of this may be Load Balancer checking for various hosts. If this is the case, filter the traffic so that the TIM/MTP does not see that traffic.

 

 Note: APM 10.5 and later gives logs messages for SSL bad handshakes and empty packets.

Additional Information: