SSL service monitoring

The NetScaler appliance has built-in secure monitors, TCPS and HTTPS. You can use the secure monitors to monitor HTTP as well as non-HTTP traffic. To configure a secure HTTP monitor, select the monitor type as HTTP, and then set the secure flag. To configure a secure TCP monitor, select the monitor type as TCP, and then set the secure flag.The secure monitors work as described below:

  • Secure TCP monitoring. The NetScaler appliance establishes a TCP connection. After the connection is established, the appliance performs an SSL handshake with the server. After the handshake is over, the appliance closes the connection.
  • Secure HTTP monitoring. The NetScaler appliance establishes a TCP connection. After the connection is established, the appliance performs an SSL handshake with the server. When the SSL connection is established, the appliance sends HTTP requests over the encrypted channel and checks the response codes.

The following table describes the available built-in monitors for monitoring SSL services.

Monitor type Probe Success criteria (Direct condition)
TCP TCP connection; SSL handshake Successful TCP connection established and successful SSL handshake.
HTTP TCP connection; SSL handshake; Encrypted HTTP request Successful TCP connection is established, successful SSL handshake is performed, and expected HTTP response code in server HTTP response is encrypted.
TCP-ECV TCP connection; SSL handshake (Data sent to a server is encrypted.) Successful TCP connection is established, successful SSL handshake is performed, and expected TCP data is received from the server.
HTTP-ECV TCP connection; SSL handshake (Encrypted HTTP request) Successful TCP connection is established, successful SSL handshake is performed, and expected HTTP data is received from the server.

SSL service monitoring

In this article