For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Mark_Wallis_833's avatar
Mark_Wallis_833
Icon for Nimbostratus rankNimbostratus
Feb 03, 2013

Dealing with SSL client cert auth and long-running connections

Hi everyone.   We have a SSL VS that requires SSL client certificate authentication. We use an iRule to store the client certificate used for authentication in the SSL session so we can inject it ...
application delivery
dev
devops
iRules
Mark_Wallis_833's avatar
Mark_Wallis_833
Icon for Nimbostratus rankNimbostratus
Feb 05, 2013
Thanks for the reply Kevin.

 

 

We already have access to the certificate, and have stored it away in the SSL session so we can pull it back out again in the HTTP_REQUEST event. Our application is B2B based, and doesn't rely on HTTP sessions at all. We do rely on SSL sessions though to ensure that we don't have to rehandshake for every TCP connection.

 

 

Thanks for the pointer though to X509::not_valid_after. That is exactly what we need. I'll store it away and check it again on HTTP_REQUEST.

 

 

Regards,

 

M.
Related Content