Forum Discussion
iRule to require SSL Client Certs for a URI
Working on developing a Rule based on the SSL Client Cert for URI in Docs and Tips. We first tried the rule verbatim with the exception of changing the URI to match what they wanted to protect. This...
I tried a bit more on this rule and I get varying results depending on which peer cert mode I start with in the clientssl profile.
For example if I start with ignore. Setting SSL::cert mode request and then forcing a renegotiation does not cause a prompt for a cert.
If I start with request, then all requests get prompted for SSL certs as expect, though the desired result is for only a specific URI path to request certs even.
One question I have is, Does the setting of auto for peer cert mode mean to ignore client certs unless I explictly turn them on in an iRule? The docs are a little unclear there.
