IMAP(s) with SSL Offloading with Client Certificate Authentication

Question

Hi,&nbsp;
I would like to know if it is possible to put in place a VS on the port 993 + SSL Client Profile with Require enable to force the email client to provide a client certificate.&nbsp;
When the client will be authenticate by the F5, I will forward the IMAP Connection to the backend on the port 143.&nbsp;
Do you know if it's working like that ?&nbsp;
Thanks a lot.
Morgan&nbsp;

youssef1 · Answer

Hi,
As you know IMAP is an application layer Internet Protocol using the underlying transport layer protocols to establish host-to-host communication services for applications. This allows the use of a remote mail server. The well-known port address for IMAP is 143.
So in fact IMAPS (IMAP over SSL) allows IMAP traffic travel over a secure socket to a secure port, typically TCP port 993.
Internet IMAP port 993 SSL &lt;&gt; F5 Load balancer + Cert auth &lt;&gt; Exchange port 143 
But I think that the problem will come from App client (messaging app) that can't negociate auth using a cert.
it's like the exchange client using OutlookAnywhere. cert auth was not possible in spite of the ssl / tls...
the best way is to test but I do not believe in this type of deployment
hope it's clear. regards,

Forum Discussion

IMAP(s) with SSL Offloading with Client Certificate Authentication

Recent Discussions

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

How to Renew F5 Device Certificate

F5 ASM CEF Sending Logs in Specific TimeZone

Inquiry About the "ast-api-discovery" Repository

Related Content

APM Clientless certificate authentication

BIG-IQ Client Certificate (PKI) Authentication

Automating ACMEv2 Certificate Management on BIG-IP

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Help F5 Transform the BIG-IP Administrator Certification

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS