Forum Discussion

Nimbostratus

Dec 16, 2010

Client Certificate Help Needed!!!!

I have been searching the forums and have not been able to find an iRule example that I am able to get working. Simply put, I need to require a client certificate and allow access based on the thumbp...

Cirrostratus

Dec 17, 2010

This example is something you could start with:

http://devcentral.f5.com/wiki/default.aspx/iRules/ClientCertificateCNChecking.html

You could add logic to one of those examples, which after validating the client cert, adds the client's ssl ssession ID to the session table:

http://devcentral.f5.com/wiki/default.aspx/iRules/session

That way you could support SSL session resumption in the client SSL profile and only check the cert once per session.

Aaron

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Client Certificate Help Needed!!!!

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Automating Certificate Management on F5 BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

SSL Client Certification Alert 46 Unknown CA

BIG-IQ Client Certificate (PKI) Authentication

HTTPS Routing based on Client Certificates values with F5 Distributed Cloud

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS