Forum Discussion

Nimbostratus

May 23, 2016

How to set certificate two times to redirect server

My app access to URL with SSL then after passed access plocity it will be redirect to another site which required another certificate. App access to BIG-IP from client ->Server: heck OK with c...

application delivery

BIG-IP

BIG-IP Access Policy Manager (APM)

Hannes_Rapp

Nimbostratus

May 23, 2016

SSL-MA enforces that client presents one client certificate per SSL handshake. You cannot present a certificate bundle (2 or more certificates) as client. Your client must be able to make a difference between https://first.url.com and and access each of them with a proper client-certificate.

I'm not sure what you mean by term "redirect", but assuming you use it in a correct meaning (invoked HTTP response), you must ensure "Connection: Close" headers are included so that the client is guaranteed to refrain from retaining the existing TCP & SSL session when requesting https://second.url.com.

If the TCP & SSL session are not retained when redirecting users from one URL to another, it's merely a client-side issue (is missing a correct client-certificate for https://second.url.com )

Regards,

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)