Forum Discussion

Nimbostratus

Nov 16, 2018

Filtering based on client certificate

Hello, I want to make F5 filter user requests based on client certificate so that requests that do not have certificate are not passed to web server. Also, F5 shouldn't authenticate the user. Ho...

Nimbostratus

Nov 16, 2018

Hello,

take a look on client ssl profile. You have whole section there called "Client Authentication" where you define parameters used to determine if client with certain certificate should be allowed or not.

More details here: https://support.f5.com/csp/article/K14783

Zaklina_377109

Nimbostratus

Nov 18, 2018

If I use SSL proxy function and certificate doesnt match or I receive connections without certificate, who will drop request, BIGIP or server? I need BIGIP drop that connections. Maybe there is some other options so that BIGIP can drop such request?

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Filtering based on client certificate

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Automating Certificate Management on F5 BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

SSL Client Certification Alert 46 Unknown CA

HTTPS Routing based on Client Certificates values with F5 Distributed Cloud

BIG-IQ Client Certificate (PKI) Authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS