Forum Discussion

Cirrus

Apr 06, 2017

APM CRLDP Response

Hey all. I am able to use CRLDP cert check in APM (v11.6HF6). OCSP is not an option as the ocsp x509 extension does not exist in all my certs and I do not want to keep a list of issuers to OCSP profi...

BIG-IP Access Policy Manager (APM)

crldp

security

Erich_Rockman_1

Cirrus

Apr 08, 2017

Thanks for the reply. I have done all that. The problem is that there is no extended information when the CRL cannot be contacted. This is in the sessiondump:

414ca204.session.crldp./Common/Policy_act_crldp_auth_ag_1.result 1 1 414ca204.session.crldp.last.result 1 1

while this is in the APM debug:

modules/Authentication/Crldp/CrldpAuthModule.cpp func: "setCrldpResponseStatus()" line: 796 Msg: Crldp Response Status: Bad HTTP response status and Following rule 'Successful' from item 'CRLDP Auth'

Not sure I would call that successful.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM CRLDP Response

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

APM CRLDP

Introduction of Incident Response

F5 NGINX API Gateway: Simplify Response Manipulation

Removing x-frame-options header from response when using APM

custom response page for api

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS