Forum Discussion
jermc777_185784
Nimbostratus
NimbostratusClient Authentication - Trusted Certificate Authority
My website requires user authentication with user name and password. Example, www.mysiteABC.com. I want to allow users to access this as they normally do but if they were to go to www.mysiteABC.com...
Brad_Parker
Cirrus
CirrusGive this a try:
when HTTP_REQUEST {
if { [string toupper [HTTP::uri]] starts_with "/DEFG" }{
SSL::cert mode require
}
else {
SSL::cert mode request
}
}
I don't have a good place to test this but, this make me think it could work.
"the system stores the received peer certificate in the SSL session table, so the certificate is available to the specified iRule commands as long as the SSL session is valid. In previous releases, the CLIENTSSL_CLIENTCERT iRule event retrieved the peer certificate; now the stored certificate can also be retrieved inside the HTTP_REQUEST event."jermc777_185784Nimbostratus
NimbostratusI tried this but it did not seem to work. I set have my SSL profile to "request" then to "require" and I also tried to ignore in both of those statements above but the URL just hangs or is looking for a cert.