Forum Discussion

Historic F5 Account

Oct 24, 2005

iRule to require SSL Client Certs for a URI

Working on developing a Rule based on the SSL Client Cert for URI in Docs and Tips. We first tried the rule verbatim with the exception of changing the URI to match what they wanted to protect. This...

Altostratus

May 28, 2006

I have tested this rule. it seems that start with profile cert ignore, then changing the cert mode to require, client will prompt for a certificate. but after apply the certificate. the connection will be rejected.

after do a tcpdump of the ssl connection. it seems that client will setup a new TCP connection to VS after renegotiation, that cause the rules can't process in same session. so the connection breaks.

how can we keep SSL::renegotiation in same connection?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

iRule to require SSL Client Certs for a URI

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

iRule based RADIUS Client Stack

iRULE - Redirect irule - Help required

iRule to set SameSite for compatible clients and remove it for incompatible clients (LTM|ASM|APM)

BIG-IP APM: How to streamline your access requirements

Upcoming Action Required: F5 NGINX Plus R33 Release and Licensing Update

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS