APM + iOS Edge Client + Client Certificate + RSA + AD

Question

Hi,&nbsp;
&nbsp;Has anyone managed to configure the iOS edge client in this manner:&nbsp;&nbsp;&nbsp;VPE policy on APM configured for&nbsp;
&nbsp;Logon page -&gt; RSA -&gt; AD -&gt; Network Access resource assign -&gt; allow&nbsp;&nbsp;Virtual server with above VPE profile&nbsp;
&nbsp;With a client ssl profile that requires a client cert&nbsp;&nbsp;iOS edge client set to relevant URL and 'web logon' set to on&nbsp;&nbsp;
&nbsp;We need to use client certs to validate the machine, then the user auth is done through AD and RSA, which means that we must use web logon. Unfortunately web logon seems to result in no ability to use client certs so we are somewhat catch 22.&nbsp;
&nbsp;Any help is appreciated.&nbsp;
&nbsp;Chris.&nbsp;

ben_cuthbert_90 · Answer

Hey Chris, 
&nbsp;  
&nbsp; You'll also need an On-demand certificate VPE object, but yeah one seems to cancel out the other. Might be worthwhile logging a support case to get this put up as a feature request!

F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

APM + iOS Edge Client + Client Certificate + RSA + AD

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

can't access on prem dns when using F5LTM as a gateway

Issue with TLS Version 1.1 Deprecated Protocol

Service discovery is not happening in AS3

Load balanced RDP VIP use in APM

Deleting an AS3 Tenant

Related Content

SSL Client Certification Alert 46 Unknown CA

BIG-IQ Client Certificate (PKI) Authentication

HTTPS Routing based on Client Certificates values with F5 Distributed Cloud

Slack Mutual TLS Recipe: Adding X-Client-Certificate-SAN header from client certificate

Thumbprint of the client ssl certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS