Forum Discussion

Nimbostratus

Oct 23, 2019

iRule for OSCP auth

Hi. I'm trying HTTPS traffic offload with client authentication using BIG-IP VE on AWS. And when Client Cert is expired or revoked, I want to show the user another web page. I am going to use...

Cumulonimbus

Oct 24, 2019

Hi,

So you are basically attempting to do OCSP verification on LTM only and not via APM ? Right ?

If so I think you cannot do it unless using C3D (but this requires F5 to generate client certificates on the fly to present to backend). But even then, this will just DROP the connexion. Not sure you can present a nice page there.

With APM and OCSP responders objects it's more flexible.

Yoann

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule for OSCP auth

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How to configure pool to go down if multiple members are down

Terraform LTM provider - ICMP disabled on resulting VIPs

AS3 Storage

Problems connecting to vpn after upgrading to ubuntu 24.04

How can I run the ‘Network Map’ feature from the CLI or how can I view this information?

Related Content

IOWN APN, Trends, Airport and Port security, OSCP+, Aug 25th - Aug 31st - This Week In Security

Bolt-on Auth with NGINX Plus and F5 Distributed Cloud

Google Authenticator iRule For Two-Factor Auth With LDAP

Insert Basic Auth Header

Python SDK Cookbook: Working with Auth Tokens

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS