Forum Discussion

Nimbostratus

Dec 01, 2009

auth_result not called for some client certificates

Hi everyone, I am trying to resolve an issue with an irule that is utilized to ask for client certificates for certain folders. The irule works great except for certain client certific...

Cirrostratus

Dec 02, 2009

Hi Mike,

I'm having a hard time following the exact details of the failure without seeing any logs of a failure.

Is it possible that the client is not sending the client cert first in a set of client and intermediate certs that might be in their client cert bundle? Can you log the subjects for [SSL::cert 0] and higher certs that may be there with something like this:

 
 for { set i 0 } { $i < [SSL::cert count] } { incr i } { 
  
    log local0. "Cert $i subject: [X509::subject [SSL::cert $i]]" 
 }

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

auth_result not called for some client certificates

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

Why does SSLO not support ACTIVE-ACTIVE mode deployments？

Failed to set RDP launch token timeout

Horizon View iApp - Big-IP 17.5

r4600 Tenant CPU Assignment

master key file on vcmp guest HA Cluster different?

Related Content

Automating ACMEv2 Certificate Management on BIG-IP

AppWorld 2024 Call For Speakers open

Help F5 Transform the BIG-IP Administrator Certification

Automate Let's Encrypt Certificates on BIG-IP

Re: Management Certificate

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS