Forum Discussion

Manuel_'s avatar
Manuel_
Icon for Altocumulus rankAltocumulus
Oct 19, 2022

C3D first request problem

Hi all, We have an application that has a login button and when you press it you can login with a certificate. This is working perfectly fine. We have put in front of the app a virtual server with ...
C3D
Security
  • Manuel_'s avatar
    Manuel_
    Oct 20, 2022

    With the iRule like this the error does not occur:

    when CLIENTSSL_HANDSHAKE {
  if { [SSL::cert count] != 0 } {
    HTTP::release
  }
}

when HTTP_REQUEST {
    # Some tests to determine if IS_LOGIN_PAGE
    if { IS_LOGIN_PAGE }{
        HTTP::collect
        SSL::session invalidate
        SSL::authenticate always
        SSL::authenticate depth 9
        SSL::cert mode request
        SSL::renegotiate
    }
}

    The only problem I've seen happens if the user cancels the select certificate dialog in the browser but that doesn't worry us a lot.

Manuel_'s avatar
Manuel_
Icon for Altocumulus rankAltocumulus
Oct 20, 2022

With the iRule like this the error does not occur:

when CLIENTSSL_HANDSHAKE {
  if { [SSL::cert count] != 0 } {
    HTTP::release
  }
}

when HTTP_REQUEST {
    # Some tests to determine if IS_LOGIN_PAGE
    if { IS_LOGIN_PAGE }{
        HTTP::collect
        SSL::session invalidate
        SSL::authenticate always
        SSL::authenticate depth 9
        SSL::cert mode request
        SSL::renegotiate
    }
}

The only problem I've seen happens if the user cancels the select certificate dialog in the browser but that doesn't worry us a lot.