How to deploy client authentication(require) using F5's self-signed certificate

BTW request is as good as none really (unless you're doing certificate checks in an iRule)

Do you get any logs in the LTM log to give you any clues?

I'd try the following Sols from f5:

Overview of SSL Profile

Troubleshooting Client Certificate Authentication

In a nutshell have you got the "Trusted Certificate Authorities" section in the SSL profile set? If it's a self signed cert it may not reference a CA so you might just need to reference the certificate itself here.

Also, presumably you have a client CA in the Personal folder? Do you get prompted to choose a certificate to use for authentication?

Rgds N

Hi nathan,

I don't get any logs from f5 related to the certificates, also i used same certificate to the "Trusted Certificates Authorities". i always get ssl error on the web page if it is require.

Thanks! Ferdz

do you get a prompt to select a certificate at all on the client? does the client have the certificate installed into their certificate store? which browser are you using? Does it make any difference between IE or Firefox, for example? I'd look to enable debugging then or perhaps try a tcpdump/ssldump to see if this gives you anymore clues.

I had already installed the certificate in both browsers, IE and Firefox, on my IE, page cannot be displayed is the result, on firefox, unauthorized certificate and when i click continue, it says ssl error, can you give me the steps in creating self signed certificate, and client ssl profile configuration?

I had already installed the certificate in both browsers, IE and Firefox, on my IE, page cannot be displayed is the result, on firefox, unauthorized certificate and when i click continue, it says ssl error, can you give me the steps in creating self signed certificate, and client ssl profile configuration?