Forum Discussion

Employee

Jan 06, 2005

Make sure client cert data passed in header to server isn't coming from client?

When BigIP is configured for client side certs and is extracting fields from the client cert and placing them in http headers to pass downstream, does it have any way of determining or checking that t...

Historic F5 Account

Mar 09, 2006

I guess doing it with an http profile would be efficient:

profile http FP_http {

defaults from http

header erase "myheader"

}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Make sure client cert data passed in header to server isn't coming from client?

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Request Client Certificate And Pass To Application

Fingerprinting TLS Clients with JA4 on F5 BIG-IP

Passing Client CAC / Smart Card Cert to Application Server

iRule: passing client cert to node

iRule to set SameSite for compatible clients and remove it for incompatible clients (LTM|ASM|APM)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS