One to one SSL Mapping

Question

Hi All, &nbsp;
&nbsp;On Microsoft IIS, we can do a one-to-on certificate mapping so each user has his/her own certificate embedded in the browser for authentication. &nbsp;
&nbsp;Can we do the same in Firepass by anyhow?? Or better if we can do it using BIG-IP APM??? &nbsp;
&nbsp;Thanks,&nbsp;&nbsp;&nbsp;

mike_61719 · Answer

Are you referring to seperate certificates for each user? So Mike will have certificate 1 and Zaid will have a different certificated 2?

zaid_rufaie_297 · Answer

Sorry for the late reply! Yes this is exactly what i meant.

minn_62043 · Answer

In FirePass, you can add "Client Cert Check" in Pre-logon sequence.  
&nbsp; Users &gt; Endpoint Security &gt; Pre-Logon Inspection &gt; Client Certificates 
&nbsp;  
&nbsp; And edit the rule to match something in the current session variables. (e.g if you have a specific CN name that matches some of the unique user session variables). 
&nbsp;  
&nbsp; I haven't tested, though =)

mike_61719 · Answer

Posted By Zaid Rufaie on 06/15/2011 02:47 AM 
&nbsp;Sorry for the late reply! Yes this is exactly what i meant. 
&nbsp;

&nbsp;Yes, you can do this. You either need a certificate server or use a local user accounts within Firepass to generate unique certificates.

Forum Discussion

One to one SSL Mapping

Recent Discussions

Can you set Kerberos AAA server via session variable?

HTML Code injection Not detected by ASM

What will be happen to live and existing connections when failover HA BIG IP active-standby

SSL Offload and remove FQDN

High CPU utilization (100%).

Related Content

Network MAP PHP

One to One client to server mapping

Perl Local Traffic Map

IF-MAP Secure Web Gateway for 11.5

Ps Local Traffic Map

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS