Forum Discussion

Nimbostratus

Apr 15, 2024

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

My need: I want to have one unique VIP to handle both non-secure traffic for UI service and also to secure API services. For the API, I have 2 cases: jwt is provided, I need to have the SSL::cert ...

security

doria786

Nimbostratus

In the HTTP_REQUEST event, we check if the clientId exists in the JWT claims. If it does, we require an SSL certificate. Otherwise, we ignore it. The URL path-based logic ensures that specific paths are handled differently. In the HTTP_REQUEST_SEND event, we handle the client certificate details.

caz

Nimbostratus

Apr 18, 2024

Thanks for the insight, any chance you share your irule logic?

Forum Discussion

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

Recent Discussions

monitor a pool that consists of Linux Squid Servers

Reliable resources for identifying IP addresses

VPN fragmented IP packets dropped

Reset cause

snmp automatic stop mail send

Related Content

SSL-Cert

SSL Cert expiration Tracker

LTM HA Pair SSL Certs

iRule to accept client then SSL cert validation

extract LTM VS ssl profile binding cert and key information to generate a json with python f5-sdk