Forum Discussion
iRule to access F5 certificate store
- Jun 08, 2016
As it turns out, I really misinterpreted what I needed for this. This function is provided through the Server SSL profile where it will do the F5 to Server authentication. I'm still pretty new to this type of functionality with LTM, so thanks to everyone for giving me quick responses.
Strictly speaking, the client certificate is presented to the server during the SSL handshake and after the server requests it. More important, after the client sends its certificate, it sends a separate message that is digitally signed with its private key. In other words, once you've decrypted the traffic on the client side you cannot send the client's certificate to the backend server in an SSL handshake because you wouldn't have access to the client's private key.
So what we need to define now is how you need the client certificate. If your application can accept it in an HTTP header that's the absolute easiest option.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com