Forum Discussion
BIG-IP Forward Client Cert To Node
Hey all,
At our company, we have a BIG-IP cluster bridging two networks, with servers / client on both sides (we also have the AWAF module which goes over HTTP requests).
Some of our websites require mutual TLS, but the thing is we have a lot of client certificates, and can't load all of them into BIG-IP.
Is there a way to forward the client certificate to the server? We need the certificates to be presented during the handshake and not sent as a header.
Thanks!
- AceHunter1965Altostratus
An important note - We use a single virtual server since all requests go through the same port and into the same IP
Proxy SSL is the answer. check this for more information:
https://support.f5.com/csp/article/K13385
https://techdocs.f5.com/en-us/bigip-16-0-0/big-ip-system-ssl-administration/implementing-proxy-ssl-on-a-single-big-ip-system.html
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com