For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Skuba_85554's avatar
Skuba_85554
Icon for Nimbostratus rankNimbostratus
Aug 11, 2009

bypassing client authentication

i've got a virtual server listening on 443 which uses both a certificate for SSL and also requires client authentication. this works fine     i've now been informed of another set of users ...
config
design
Skuba_85554's avatar
Skuba_85554
Icon for Nimbostratus rankNimbostratus
Aug 14, 2009
aaron

 

 

one last question...

 

 

can you explain what this part actually does?...

 

 

when CLIENTSSL_HANDSHAKE {

 

if { [SSL::cert count] > 0 } {

 

HTTP::release

 

}

 

}

 

 

i guess it's saying, if the client offers a certificate then release the data. but according to the wiki, the CLIENTSSL_HANDSHAKE is triggered when a client-side SSL handshake has actually been completed

 

 

in addition, i don't know why this is required and what effect it has on the second part of the irule?

 

 

thank you