Forum Discussion
DFeike_160744
Aug 10, 2014Nimbostratus
APM: irule needed to extract Username from Client Cert to use it for AD group query
Hi community,
i've recently took over the task to implement Big-IPs in projects and I'm quite comfortable with LTM Tasks, but now I have to solve an APM Problem.
Currently the customers mobile d...
- Aug 10, 2014
David Check out this link:
Also: check out this link on support.f5.com, it describes how the clientssl profile should be configured to require the client to submit its certificate:
In a nutshell,
HTH
John_Alam_45640
Aug 10, 2014Historic F5 Account
David Check out this link:
https://devcentral.f5.com/questions/apm-clientcert-to-kerberos-transition-parsing-subjectalternatename-in-variable-assign
Also: check out this link on support.f5.com, it describes how the clientssl profile should be configured to require the client to submit its certificate:
http://support.f5.com/kb/en-us/solutions/public/14000/800/sol14819.html?sr=39485541
In a nutshell,
1) the LTM profile obtains the certificate from client,
2) LTM iRule parses the cert fields and saves the username in a variable that the APM can access. 3) APM policy sends it to AD and performs the query.
HTH
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects