Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

mikegray_198028's avatar
mikegray_198028
Icon for Cirrus rankCirrus
Oct 11, 2016

client authentication certificate with ocsp

Hello,   could you please help me to configure client authentication using ocsp.   we have dedicated CA with OCSP responder. we need to authenticate connection to vip using client authentica...
application delivery
LTM
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Oct 11, 2016

Client certificate OCSP and OCSP stapling are two different things.

 

OCSP stapling is a function that allows the client SSL profile to prefetch revocation status of its own certificate and send that information to a client that supports the STATUS_REQUEST TLS extension.

 

Client certificate OCSP revocation checking is a separate function that allows the BIG-IP to validate the status of a client's certificate. This can be done in an LTM authentication profile, but that feature has been mostly deprecated in favor of APM OCSP.