Origin Pool TLS Configuration "Auto-Diagnostic" Button

Issue:
Troubleshooting a lot with customers and they keep running into 503 errors due to misconfigured TLS on the Origin Pool, and then its a hassle to figure out which settings are the right ones. They constantly need to go back and check the request data to determine why it is showing a 503.

Suggested Solution:
A one-click Auto-diagnostic button next to the TLS settings that will:
Send out a request to the origin pool via the associated HTTP LB with the existing TLS configuration settings, and report if a 5XX error has occurred, then provide information as to why it was not able (i.e TLS Handshake Error). Inclusion of boringSSL or OpenSSL error codes could also be included.

Basically the "Auto-diagnostic" button would
openssl s_client -connect host:port -servername host
and report back the error.

  • Howell
  • Nov 22 2022
  • Attach files