Forum Discussion
ASM vs to APM vs and client certificates
- Jul 17, 2023
Hi AlexS_yb,
I think you are looking for C3D (Client Certificate Constrained Delegation), this feature allows the BIG-IP to forge a client certificate for use in server-side client certificate authentication. The forged certificate is generated using information from a client certificate provided in the client-side ssl handshake.
See: K14065425: Configuring Client Certificate Constrained Delegation (C3D)This way the APM should see the forged client cert with the required attributes for user authentication.
KR
Daniel
Hi AlexS_yb,
I think you are looking for C3D (Client Certificate Constrained Delegation), this feature allows the BIG-IP to forge a client certificate for use in server-side client certificate authentication. The forged certificate is generated using information from a client certificate provided in the client-side ssl handshake.
See: K14065425: Configuring Client Certificate Constrained Delegation (C3D)
This way the APM should see the forged client cert with the required attributes for user authentication.
KR
Daniel
- AlexS_ybJul 21, 2023Cirrocumulus
Thanks for that , but not for me I don't think
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com