F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Letendart's avatar
Letendart
Icon for Nimbostratus rankNimbostratus
Jan 20, 2019

APM : Machine Cert issuer value and OCSP responder

Hello all, We're using OCSP responder in an APM policy after a Machine Cert Auth. The "session.check_machinecert.last.cert.issuer.cert" variable is not populated by the Machinne Cert Auth. So we have...
BIG-IP Access Policy Manager (APM)
security
Stanislas_Piro2's avatar
Stanislas_Piro2
Icon for Cumulonimbus rankCumulonimbus
Jan 21, 2019

you can create at the beginning of the VPE one variable:

session.custom.issuer.cert

with the CA cert.

Then after Machine Cert box, create a variable assign with

session.check_machinecert.last.cert.issuer.cert == Variable session.custom.issuer.cert

when the CA changes, change only the first value.