Forum Discussion
NimbostratusAPM w/o javascript (access APM VIP from a script)
Hi all, I have an APM policy which is using certificate authentication, and an OCSP check. I have this bit working, but the thing is, this VIP sits in front of an API which gets accessed programmatically (HTTPS) from a script in whatever language - not from a browser. When I try to access it I get back the APM error message of "Javascript is not enabled in your browser...blah blah blah". There is no logon page, the APM policy is just on-demand cert auth followed by the OCSP check.
How do I get rid of this javascript nonsense?
I first had tried not using APM, and doing a certificate authentication profile, but I understand that is old school and deprecated, and I couldn't get the OCSP to work anyway. The APM policy with cert/OCSP is working, and have confirmed by packet capturing the OCSP conversation. But I do not know how to stop the javascript browser detection which I have no need for as there is no logon page....
Many thanks for any assistance you can offer.
2 Replies
youssef1Cumulonimbus
Hi,
you have to configure your policy as clientless-mode: Add this irule to your VIP:
when HTTP_REQUEST { HTTP::header insert "clientless-mode" 1 }Or follow this article (APM Clientless certificate authentication by stanislas):
https://devcentral.f5.com/codeshare/apm-clientless-certificate-authentication-1108
Keep me in touch.
Regards
Stanislas_Piro2In the irule, in CLIENTSSL_CLIENTCERT event, replace:
HTTP::releaseBy
catch {HTTP::release}
