Forum Discussion

shadow82's avatar
Icon for Cirrus rankCirrus
Jan 04, 2024

Client certificate forward to backend server


I need to forward client SSL cert to backend server over F5 to authenticate it.

Our F5 config consist of 1 External VServer that routes requests based on checking HTTP Host to chosen Internal VServer (next traffic is normally forwarded to pool member)

Above decision is based on multiple LTM policy rules.

So I'm confused in which SSL profile should I put Client authentication details (with Root_CA that self signed Client cert)

And should I use any iRule for this purpose. If yes - how should it look like?

Some base data:

  • We use F5 VE Act/Stb cluster with LTM module, version BIG-IP 
  • We have 1 External VServer forwarding request to chosen Internal VServer based on HTTP Host (we use LTM policy for this purpose)

Thanks in advance

3 Replies