For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Nuruddin_Ahmed_'s avatar
Nuruddin_Ahmed_
Icon for Cirrostratus rankCirrostratus
Dec 26, 2016

Client Certificate Authentication Risks

Hi, currently I have a VS which is working on 'require' client authentication setting. I have imported the root certificate of client certificate in 'Trusted Certificate Authorities' and 'Advertised Certificate Authorities'. Additionally, we have created two irules, one would validate the serial number of the certificate and other would validate the CN of the certificate. I want to know, is it a good approach? are there any security risks with it? What are some of the things which I can tighten as part of client certificate authentication?

 

application delivery
BIG-IP
LTM

2 Replies

  • Samir_Jha_52506's avatar
    Samir_Jha_52506
    Icon for Noctilucent rankNoctilucent
    Dec 27, 2016

    There is no security risk.I would suggest you to combine both irule to single irule. And you have to select CA certificate in Client Authentication cert list. Let us know if you have any question.