Resolution ...
In this configuration (advanced Availability), F5 is being used as load balancer for 2 x Application Servers, configuring Tomcat, DNS entries and what DNS entries to put in the SSL certs to make this configuration work
F5 is configured with its own IP address which is published to the internet and is also used for internal LAN linked to DNS entry.
The SSL certs must comply to Governance, Risk & Security which only allows SSL certs to show DNS naming for servers (example: https:/support.company.com)
You need to create an additional SSL cert for configuring on all your servers, this cert needs 2 additional entries for upload servlets (background & standby servers) and these additional entries needs to be created in DNS as well.
You don't have to create an additional cert, if you want to add the upload servlet entries in your F5 cert you can and then configure that cert on your servers as well, bearing in mind that the upload servlet DNS names will be visible when the cert is being viewed on the internet.
In this example we created an additional cert as follows:
• support.company.com
• backgroundattach.company.com
• standbyattach.company.com
Make sure all of these are DNS entries pointing the correct servers / IP addresses. (Etc. backgroundattach.company.com - DNS points to BackGround Server IP)
Configuring tomcat is per normal as per documentation
When configuring the attachments servlets for background and standby servers you use these DNS entries as follows
Background Server
https:/backgroundattach.company.com:443/CAisd/UploadServlet
Standby Server
https:/standbyattach.company.com:443/CAisd/UploadServlet
Tested with failover and is working