Forum Discussion

Jeroen_V_95572's avatar
Jeroen_V_95572
Icon for Nimbostratus rankNimbostratus
Aug 22, 2011

Electronic ID - user authentication with ocsp

All,       I have a problem regarding my BIG IP ASM installation. We have an application that is requesting a certificate to login.   This is an Electonic Identity that is issued by our g...
config
design
Jeroen_V_95572's avatar
Jeroen_V_95572
Icon for Nimbostratus rankNimbostratus
Aug 22, 2011
Hi Aaron ,

 

 

Thanks for your reply, I am running v10.2.1 so normally it shouldn't be a problem.

 

 

It's checking it for all those URI's and if I disable the authentication profile I still get a certificate request from our appliance.

 

 

I noticed that I also have to configure an irule to insert the serial number in an http header for the web application.

 

When I was doing that I thought lets debug some things, so first I copy the X509 detail into the session table when a client certificate is presented. Then when a HTTP request i look those values up and it's reading those values correctly the only error I get and actually it's the most important one "certificate not trusted" so my trusted CA is not correct at this moment.

 

 

But really a nice feature those Irules, nice to debug those things !

 

 

Rg,

 

 

j