Forum Discussion

ptate_72056

Nimbostratus

Jul 06, 2011

Client side SSL with client certificate handled elsewhere

Hi All, We have a requirement to receive a request over SSL. The request will contain a client certificate. In our solution we will terminate the SSL request at BigIP as normal but we need t...

config

design

hooleylist

Cirrostratus

Jul 06, 2011

Hi Phill,

TMM can't use the client's cert in an HTTP (or even in an HTTPS) request to the server. HTTP doesn't support client certs. And TMM doesn't have the client's private key to do this via SSL.

You can insert the entire cert base64 encoded or specific cert attributes in a custom HTTP header though. Here's one example:

http://devcentral.f5.com/wiki/default.aspx/iRules/InsertCertInServerHeaders.html

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Client side SSL with client certificate handled elsewhere

Recent Discussions

how to whitelist new source IP on F5 web UI access

F5 to read a combined CRL file

Upgrade F5 BIGIP

ISP Load Balancing, SNAT pool instead of Automap link self-ip, anyway to do health check ?

MAC address of deleted VS IP address still responsive

Related Content

AI Security : Prompt Injection and Insecure Output Handling.

Automating ACMEv2 Certificate Management on BIG-IP

Intermediate iRules: Handling Strings

Re: Management Certificate

Automate Let's Encrypt Certificates on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS