Forum Discussion

jban_198207's avatar
jban_198207
Icon for Cirrus rankCirrus
Apr 28, 2015

Certificate auth require Password?

Strange issue between Android ActiveSync and F5 server.

 

Initial setup was from iApp then modified.

 

We have SSL profile that request Client Certificate Authentication.

 

If in Android ActiveSync client password is empty then there will be authentication fails, regardless we have checked Client Cert Authentication. (This issue isn’t present on Blue Coat or NetScaler, so I assume it’s something with initial F5 request).

 

I have tried to modify header password, insert header password etc. but no luck. Thing is that we don’t need password, password can be anything because behind Certificate we have SSO. We only need certificate from Client.

 

What can we do next in F5 SSL profile?

 

application delivery
BIG-IP Access Policy Manager (APM)
cloud
deployment
devops
iApps
LTM
security
vmware

5 Replies

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus
    May 01, 2015

    If in Android ActiveSync client password is empty then there will be authentication fails

     

    Are you seeing the Certificate auth succeeds if password not empty?

     

  • kunjan's avatar
    kunjan
    Icon for Nimbostratus rankNimbostratus
    May 05, 2015

    So password empty or non-empty is not a factor, either way cert fails? Is the cert valid (trusted, matches domain) ?

     

  • jban_198207's avatar
    jban_198207
    Icon for Cirrus rankCirrus
    May 05, 2015

    This is where it stops Apr 27 15:45:07 F5 debug tmm[11738]: 01490000:7: HTTP uri: /Microsoft-Server-ActiveSync?Cmd=Ping&User=domain%5Cuser&DeviceId=SERIALNO32ABC&DeviceType=SAMSUNGSMODEL Apr 27 15:45:07 F5 debug tmm[11738]: 01490000:7: HTTP len: 0 Apr 27 15:45:07 F5 debug tmm[11738]: 01490000:7: Recv'd HTTP Basic Authentication ...