Forum Discussion

Nimbostratus

Feb 05, 2020

Configuring F5 to reliably request pin when CAC card certificate selected

We have a website behind an F5 which is currently configured through an IRULE to request a CAC card certificate when a secure sub directory is requested. This works fine and when I present my email ...

Employee

Feb 18, 2020

To understand your configuration: Do you have an APM profile assigned to the VIP that is supporting the application in question?

---------------

-If the users are internal only, on the same domain as the application, you are accessing the site via Kerberos or NTML.

-you can verify via Powershell by typing the following:

> klist

*Press Enter

-Below is an example of what you will see:

#1 will be the SPN / URL of the application or site you are accessing.

-Example site: fimportal.corp.contoso.com

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Configuring F5 to reliably request pin when CAC card certificate selected

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Certificate Expiry Email alert configuration

Automating ACMEv2 Certificate Management on BIG-IP

Building an OpenSSL Certificate Authority - Configuring CRL and OCSP

Adopting Site Reliability Engineering with F5

Reliable resources for identifying IP addresses

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS