Forum Discussion

Nimbostratus

Nov 18, 2015

CRLDP Authentication : CRL lookup failed

Hi F5 community, I'm trying to use CRLDP Authentication on BigIP APM (12.0.0). This is for an ActivSync access with Certification credentials (Kerberos method). Everything works before adding CR...

application delivery

BIG-IP

BIG-IP Access Policy Manager (APM)

crldp

ldap

Kevin_Stewart

Employee

Nov 18, 2015

The error you're getting is most likely not because of authentication. Do your client certificates have a CRLDP x.509 extension in them? And if so do they point to the correct URL? APM has supported HTTP-based CRLDP for a few versions now and frankly that's the better and simpler way to go if you can do it.

As for requiring authenticated LDAP, it generally doesn't make sense to do that for CRLDP (or any revocation data) resources. While it technically can be done (adding bind information to an LDAP request) via iRules and some magical VIP targeting, it isn't natively supported in the config.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

CRLDP Authentication : CRL lookup failed

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

HTTP error 503, DNS lookup failed

SNI Routing with DNS Lookup

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

Application Programming Interface (API) Authentication types simplified

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS