Forum Discussion

Nimbostratus

Feb 05, 2015

Client Authentication - Trusted Certificate Authority

My website requires user authentication with user name and password. Example, www.mysiteABC.com. I want to allow users to access this as they normally do but if they were to go to www.mysiteABC.com...

application delivery

BIG-IP Access Policy Manager (APM)

Nimbostratus

Feb 05, 2015

Ok you can definitely do what you are describing now. Setup your clientssl profile to "Request" instead of "Require" a client certificate.

This way the SSL handshake is successful for both end users which presented a certificate and those who did not.

In the CLIENTSSL_HANDSHAKE event, check if a certificate was presented and it matched any of your policies. Based on those checks setup a flag.

Now you can use the flag in the HTTP_REQUEST event to either provide access or redirect to an info page which tells users what they need.

Best.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

CIS

container ingress services

devops

Gateway Fabric

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

announcement

Appworld2026

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client Authentication - Trusted Certificate Authority

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

OWA File Upload URIs for WAF Bypass

F5 AWAF/ASM learning only from Trusted traffic?

irule execution error

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Show or List F5 XC Routes in the Web

Related Content

Building an OpenSSL Certificate Authority - Creating Your Root Certificate

Building an OpenSSL Certificate Authority - Creating ECC Certificates

Building an OpenSSL Certificate Authority - Creating Your Intermediary Certificate

JWT authorization with NGINX Ingress Controller

Understanding Server SSL Trusted Certificate Authorities on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS