For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nuruddin_Ahmed_'s avatar
Nuruddin_Ahmed_
Icon for Cirrostratus rankCirrostratus
Jul 31, 2016

Client Authentication Certificate APM

Hi, I want to use APM for bypassing the SSL negotiations to pass to server but clients should see the server side certificate of F5 (this is not possible via proxy ssl feature). I am looking for client authentication certificates to be validated by backend server and not by F5. is it possible to use APM for such configuration?

 

application delivery
BIG-IP Access Policy Manager (APM)
LTM

1 Reply

  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    Jul 31, 2016

    so correct me if im wrong, you want the certificate on the F5 to be shown to the client and the client certificate passes to the pool member? that isn't possible, SSL offloading means the client certificate is lost there. you can pass it in header or such, but not the actual certificate as part of the SSL information.

     

    if you need the client certificate at the poolmember isn't tcp load balancing an option, you do miss the ssl offloading then of course.