Forum Discussion

soymanue's avatar
soymanue
Icon for Nimbostratus rankNimbostratus
Oct 23, 2012

Edge Client Internal Certificate Authentication

Hello

 

Is it possible to make the BIG-IP work as an Internal CA to issue user certificates that we would use for user authentication with APM and Edge client?

 

 

12 Replies

Show More
  • Seth_Cooper's avatar
    Seth_Cooper
    Icon for Employee rankEmployee
    Feb 06, 2013
    Hi Manuel,

     

     

    The F5 does support checking for machine certifcates. There is a "Machine Cert Auth" action in the VPE.

     

     

    Do you just want to use the machine cert to authenticate a user to the VPN? If so just don't put in a logon page on the policy and do a check for the machine certificate, if it is valid give them the network access resource if it isn't valid then deny the session.

     

     

    Seth
  • Marco_Castro_11's avatar
    Marco_Castro_11
    Icon for Nimbostratus rankNimbostratus
    Jun 12, 2014

    Hi, Using OpenSSL i have generated some certificates in CLI of APM. Any ideas/suggestions how can clients download certificate directly from APM?

     

    Regards, MC