insert client cert http header into ssl handshake

Question

In a LTM environment taking in HTTP traffic with a client certificate contained in an http header would it be possible for an irule to grab the header contents and insert ther client certificate into an SSL handshake with a backend pool? &nbsp;
&nbsp;Is it possible to do any manipulation within the CLIENTSSL_HANDSHAKE or CLIENTSSL_CLIENTCERT events?&nbsp;
&nbsp;Thanks!

tom_spector_50 · Answer

Since client side certificate uniquely identifies the user so that it cannot be impersonated (the user signs the message with its private key), it is impossible to impersonate that user i.e. LTM cannot use the certificate in a handshake with a server.
&nbsp;You can keep the information in the header and send it to the server either encrypted or not but as a regular HTTPS request and not as a client side certificate request.&nbsp;
&nbsp;Thanks,&nbsp;
&nbsp;Tom.&nbsp;

Forum Discussion

insert client cert http header into ssl handshake

Recent Discussions

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Related Content

TCP Internals: 3-way Handshake and Sequence Numbers Explained

Security Headers Insertion

Inserting a http header on the response to the client

Insert Client Certificate In Serverside HTTP Headers

Restricting number of concurrent TLS handshakes using Max Active Handshakes on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS