Forum Discussion

Nimbostratus

Dec 16, 2010

Client Certificate Help Needed!!!!

I have been searching the forums and have not been able to find an iRule example that I am able to get working. Simply put, I need to require a client certificate and allow access based on the thumbp...

Cirrostratus

Dec 17, 2010

This example is something you could start with:

http://devcentral.f5.com/wiki/default.aspx/iRules/ClientCertificateCNChecking.html

You could add logic to one of those examples, which after validating the client cert, adds the client's ssl ssession ID to the session table:

http://devcentral.f5.com/wiki/default.aspx/iRules/session

That way you could support SSL session resumption in the client SSL profile and only check the cert once per session.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Client Certificate Help Needed!!!!

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

BIG-IQ Client Certificate (PKI) Authentication

Slack Mutual TLS Recipe: Adding X-Client-Certificate-SAN header from client certificate

Re: Management Certificate

My Security+ Certification Journey

Unable to define WSS client certificate in F5-ASM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS