Forum Discussion
Ian_Johnson_382
Apr 04, 2011Nimbostratus
Client Certificate authenication for a tcp connection
Hi All,authentication a connection to a non HTTP/HTTPS application. solution is that the user would run the client software which makes a TCP connection to 5000, the LTM would ask the client for authentication using via Client SSL certificate (Either using iRule or Client SSL profile, not sure which one as yet). The LTM will validate the SSL certificate and then let the client software connect to the server.
Is it possible to use Client Certificates to
The ideal
Anyone ever done anything like this?
Thanks
Ian
3 Replies
Sort By
- Sure man, it's one of the things the LTMs are great for, SSL offloading.. You can listen on any port you want for HTTPS, and forward to any port as well for the HTTP side.. You would need a client SSL profile and the certificate/key.
sol10167:Overview of the Client SSL profile Hi,
- I believe that the Client SSL profile with client certificate authentication works just fine with "stunnel" (http://www.stunnel.com/) type on-demand SSL built to tunnel TCP. It's hard to say without knowing a bit more about the application running over it (both client and server) whether it'll be a good user experience or not -- but it's certainly possible.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects