For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Robert_Decker_2's avatar
Robert_Decker_2
Icon for Nimbostratus rankNimbostratus
Feb 01, 2006

Authenticate customer using SSL client certificate or LDAP

I was wondering if anyone could show me how to perform multiple methods of authentication within an Irule. I would like to use ssl authentication against a client certificate as the first method, how...
application delivery
dev
devops
iRules
Robert_Decker_2's avatar
Robert_Decker_2
Icon for Nimbostratus rankNimbostratus
Mar 13, 2006
Could anyone suggest how to add ssl ocsp into this rule? I would only like to check those clients with a cert status of "ok". I am under the impression that the all ssl clients will connect to the Big IP and verify their cert status against root certs located on the Big IP (like CA bundle). The Big IP will then connect to an ocsp server to verify if the cert has been revoked (Please let me know if this is incorrect). I am afraid that I will kill all ldap clients by attaching the sys auth ssl ocsp rule after the rule I have posted.

 

 

Thank you for your help!

 

Rob