Hi Patrick,
so your idea is: Do TLS on the broker, the loadbalancer just forwards tcp connections to the broker TLS port ?
This is an absolute valid idea and should work (seen that many times before).
To debug your issue:
Start with debugging your TLS connection with openssl:
openssl s_client -connect :
(any broker port, that does TLS should work: SMF/SEMP/MQTT/whatever).
If TLS handshake is successful, openssl should output you details, e.g. the server certificate and much more information.
Does that work for you ?
(Details for doing that can you find in my article:https://community.solace.com/discussion/510/how-to-test-tls-connection-and-server-certificate
Uli