Forum Discussion
Martin_Vlasko
Altocumulus
AltocumulusMachine Certificate Check - why does it fail?
Hi,
I am trying to implement machine certificate check for Edge Client users.
The machine certificate is stored in the default MY store and I assume I have configured the APM action correctly wit...
CentOne_190154
Nimbostratus
NimbostratusHi Martin Vlasko,
Any update regarding this issue ? I have the same result using Machine Cert Auth, the evaluation of the APM profile is failed and point directly to 'fallback' I get this line on repport:
<< machinecert_auth_ag.result' set to '-2'>>
Do you have the list of machinecert_auth_ag.result value and there meanings ? Regards,
Martin_VlaskoAltocumulus
AltocumulusHi there,
I think the extension does not matter anymore, once you import the certificate in to the cert store.
On F5 I always work with PEM format.
But maybe one more hint, in LTM SSL client side profile for this VS, the whole section "Client Authentication" is NOT enabled, because it is handled by APM.
And perhaps try to make it work first without the CRL check, just to make sure the authentication works.. then you can add the config for CRL checking - in case you need it.