Forum Discussion

Nimbostratus

Jun 18, 2019

How to hand client certificate to the server on Kubernetes cluster?

Hi. We attempt to distinguish every user from others by client certificate's subject. Our BIG-IP is connecting to kubernetes cluster which uses calico as cni. Now, BIG-IP receives request on port 443...

Rodrigo_Albuque

MVP

Hi Yoko,

Are you talking about production traffic? If server-side connection is HTTP, there should be no client certificate sent over to your servers. I guess I didn't quite understand what you're trying to do?

yk1

Nimbostratus

Jun 19, 2019

Rodrigo, thank you for your reply.

I'm trying to get subject of client certificate (actually, our application server uses it for user authentication, and cannot recognize who access to without subject). I want only subject, so not necessary to send client certificate itself. Best solution is ssl passthrough (because all BIG-IP has to do is to through requests, I think), but our BIG-IP somehow wouldn't do ssl passthrough, so I'm seeking another solution.

Forum Discussion

How to hand client certificate to the server on Kubernetes cluster?

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

Integrating with your IPv6 Kubernetes Cluster

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud

Use Kubernetes Cert-Manager to Maintain Let's Encrypt Certificates

Deploying F5 Distributed Cloud WAF on Kubernetes

Multi-cluster Kubernetes/Openshift with GSLB-TOOL