Forum Discussion

mikegray_198028

Cirrus

Apr 25, 2016

external client authetication certificate

hello team Can we use external client authentication certificate, if so is there any security issue?

application delivery

LTM

Kevin_Stewart

Employee

Apr 26, 2016

Ah, I see. Well, as Josiah answered in your other post (https://devcentral.f5.com/questions/client-authentication-user-authentication-certificates?, once consumed the BIG-IP will have access to all of the X509 data from the certificate. The CA bundle provides a trust mechanism to complete the SSL handshake. You then need to provide a mechanism to validate the contents of the certificate. Take a look at the X509 section in the wiki for some ideas on how to handle this in iRules.

https://devcentral.f5.com/wiki/iRules.X509.ashx

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)