Forum Discussion
soymanue
Nimbostratus
Apr 05, 2011Certificate Authentication issue with Firefox 4
Hi
We have a SSL site. Once you have connected, you must get authenticated to access a a part of the site. You can be authenticated with user and password, but you can also choose to be authenti...
Joel_Moses
Nimbostratus
Apr 05, 2011Hoolio's right. No way around this until RFC-5746 support, unless you want to collect the client certificate as part of the initial SSL transaction (no more asking for cert only for certain URIs, then).
The only other way I can see around this in the meantime is to set up another VIP/hostname with the clientSSL profile set to "require" the client certficate, and redirect users who migrate to the /certauth.jsp URI to the new VIP/hostname. You can then modify the iRule to remove URI detection and renegotiation and just set the WL-header values. If you want to get really fancy, you could do this just for Firefox 4 users via User-Agent.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects