Forum Discussion
CirrostratusLTM Authentication Profile LDAP Cert Feature in APM?
CirrostratusHi AubreyKingF5 ,
It was not possible to use the same features like in ACA.
The problem is that we only have the action "Client Certificate is valid" but no "Client Certificate is available" like in ACA.
APM:
ACA:
Even with the flexibility of APM we couldn't get to the point to have the same functionality like ACA.
The only possible way would be to use iRuleLX (NPM) but this would be quite complicated and questionable if it also works with the high traffic volume they have here at the customer.
CirrostratusUpdate to this Issue:
Customer is facing another problem trying to migrate from ACA to APM.
They have a API behind a VS and APM with Cert Auth. The problem is now that when a machine client is using this API it will check the client certificate (APM On-Demand Cert Auth Block). This will lead to a first redirect to /my.policy which confuses the client with his POST request, the redirect is not done on the client.
With ACA this was possible since we didn't had the redirect first when checking the cert auth.
We will now open a case for this at F5 support since migration from ACA to APM is not possible like this.
Maybe you have some news with your tests on the APM AubreyKingF5 ?
