Forum Discussion

Nimbostratus

Oct 15, 2013

F5 SSL VPN Certificate Based Authentication on Android

Hi, I am trying to get our Big IP v11.3 appliance working for certificate based client authentication for VPN connections. I am deploying certificates to mobile devices using the AirWatch EMM so...

BIG-IP Access Policy Manager (APM)

security

Matt_Dierick

Employee

Oct 15, 2013

To retrieve logs from APM : tail -f /var/log/apm From LTM : tail -f /var/log/ltm Run the command line first, and launch your client after.

For client cert validation, create a client SSL profile, in LTM, with "Require" client certificate. Import your CA and CRL if needed. In APM, create a policy with "client cert inspection" if you wants to retrieve information from the certificate. But it's not mandatory. LTM has already validated the certificate.

For a dynamic CRL inspection, you can use CRLDP ou OCSP in APM.

Hope this help.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

F5 SSL VPN Certificate Based Authentication on Android

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Automating Certificate Management on F5 BIG-IP

APM Clientless certificate authentication

BIG-IQ Client Certificate (PKI) Authentication

F5 Labs uncovers new Android malware strain MaliBot

Automating ACMEv2 Certificate Management on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS