Forum Discussion

Nimbostratus

Jan 20, 2019

APM : Machine Cert issuer value and OCSP responder

Hello all, We're using OCSP responder in an APM policy after a Machine Cert Auth. The "session.check_machinecert.last.cert.issuer.cert" variable is not populated by the Machinne Cert Auth. So we have...

BIG-IP Access Policy Manager (APM)

security

stan_piron

Cumulonimbus

Jan 21, 2019

you can create at the beginning of the VPE one variable:

session.custom.issuer.cert

with the CA cert.

Then after Machine Cert box, create a variable assign with

session.check_machinecert.last.cert.issuer.cert == Variable session.custom.issuer.cert

when the CA changes, change only the first value.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM : Machine Cert issuer value and OCSP responder

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

GRPC through F5 Virtual Server [RST_STREAM with error code: INTERNAL_ERROR]

[ASM] - How to disable the SQL injection attack signatures

[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only

Changes to DO and AS3 GitHub - no longer monitored

[ASM] : "Request length exceeds defined buffer size " - How to increase the limit ?

Related Content

NGINX Virtual Machine Building with cloud-init

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

APM SAML IdP - SP Issuer Extraction

Ubuntu Virtual Machine for NGINX Microservices March 2022 Labs

OCSP Responder

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS