Forum Discussion

Nimbostratus

Jun 27, 2018

Client Certificate Inspection on SSL VPN

I have a request to set up an SSL VPN on the F5 which requires that only devices with machine certificates are allowed to connect. I have set up the VPN and it works fine without certificate ins...

BIG-IP Access Policy Manager (APM)

certificate authentication

Cirrus

Jun 29, 2018

As you hinted, it's all in the one client ssl profile.

The option to specify the trusted ca for the client cert is in the client ssl profile under Client Authentication->Trusted Certificate Authorities. This is done in the same client ssl profile that you're serving the DigiCert certificate with. There is no need to associate another client ssl profile with the virtual server.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Client Certificate Inspection on SSL VPN

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

BIG-IQ Client Certificate (PKI) Authentication

Slack Mutual TLS Recipe: Adding X-Client-Certificate-SAN header from client certificate

Unsupported Snort Keywords in Protocol Inspection

Re: Management Certificate

Automating NGINX Certificate Rotation on AWS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS