Forum Discussion

Zaid_Rufaie_297's avatar
Icon for Nimbostratus rankNimbostratus
Mar 10, 2011

One to one SSL Mapping

Hi All,



On Microsoft IIS, we can do a one-to-on certificate mapping so each user has his/her own certificate embedded in the browser for authentication.



Can we do the same in Firepass by anyhow?? Or better if we can do it using BIG-IP APM???







4 Replies

  • Are you referring to seperate certificates for each user? So Mike will have certificate 1 and Zaid will have a different certificated 2?
  • In FirePass, you can add "Client Cert Check" in Pre-logon sequence.


    Users > Endpoint Security > Pre-Logon Inspection > Client Certificates



    And edit the rule to match something in the current session variables. (e.g if you have a specific CN name that matches some of the unique user session variables).



    I haven't tested, though =)
  • Posted By Zaid Rufaie on 06/15/2011 02:47 AM


    Sorry for the late reply! Yes this is exactly what i meant.



    Yes, you can do this. You either need a certificate server or use a local user accounts within Firepass to generate unique certificates.