Forum Discussion
LDAPS and renegotiation
Hello, hope everyone is well!
we have a requirement to present 2 different issuer/signed certificates based on the incoming client IP. I am pretty sure from an HTTP perspective I would do something like this
when CLIENT_ACCEPTED {
if {([class match [IP::client_addr] eq signer_list_of_client_A_IPs]) } {
SSL::profile cert_with_issuer_type_A
} else {
SSL::profile cert_with_issuer_type_B
}
}
when HTTP_REQUEST {
SSL::renegotiate
}
Question I have is whether this would work for LDAPS clients and how (if needed at all) the renegotiation step would be achieved, given that the HTTP_REQUEST will not be available.
Many thanks
Jon
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com