f5 APM edge client for IPHONE 8.1.3

to recap, using iOS 8.1.3, when you use safari browser on the iPhone it works, but with the edge client on the same iPhone it doesn't?

why do you use the different cert inspection items? does it still work on safari when you change that to client cert inspection?

I made it a very simple APM policy

And changed the SSL CLIENT policy to request cert and through the browser I got the following successful message

When I test the exact same configuration with the edge client

I changed to ODCA browser looks good

with client same result

What troubles me is that the receive info on the edge client is WIN which makes scratch my head.

Thanks for response.

Rahim

Hi Rahim,

Please follow this guide for On-Demand cert auth for iOS.

https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-5-0/16.html

You need to have the client ssl profile set to "ignore" and the on-demand cert auth set to "required".

Please try this and let us know if it fixes your issue.

Seth

Have you selected "use certificate" and the certificate in edge client configuration on the iphone? Just to be sure all pieces are ok.

gianrico

Yes client cert has been checked off

Seth I will adjust the parameters accordingly and let you know

Rd

Adjusted accordingly same result turned on the debug does looks like the OCDA agent is working on the edge client as I do not see any cert authentication in the debug logs.

The browser is working fine.

I upgraded to VE 11.5.2 and have had some better testing thanks for your help.

I upgraded to VE 11.5.2 and have had some better testing thanks for your help.