Forum Discussion

Cirrostratus

May 01, 2016

Client Authentication on server side ssl

Hi, We have a requirement for SCCM. we have two scenerios, one without F5 and one with F5 (we have apm license as well). Witchoug F5 - Users have client certificate for authentication. Se...

application delivery

BIG-IP

BIG-IP Access Policy Manager (APM)

Kevin_Stewart

Employee

May 01, 2016

If we're still talking about client certificate authentication, then no. Mutual PKI authentication is a function of the SSL handshake. So for the server to be able to consume the client's certificate, they must perform a direct SSL handshake, which means you cannot decrypt and re-encrypt in the middle. The F5 is then blind to the application traffic.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client Authentication on server side ssl

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

SSL Profiles Part 8: Client Authentication

Configuring APM Client Side NTLM Authentication

RADIUS server authenticating user with Google Authenticator

BIG-IQ Client Certificate (PKI) Authentication

Simple HTTP Authentication server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS