Forum Discussion
VernonWells
Jul 18, 2016Employee
Your choices are:
- Offload TLS on the BIG-IP (and potentially re-encrypt between BIG-IP and the servers);
- Inspect a presented client certificate.
Naturally, 2 only works if a.) a certificate is actually presented by the client; and b.) it is a user certificate, rather than a machine certificate.