Pass Client Cert to a Specific URI
I have been trying to do the same recently. I managed to create a VIP for the appstore port and haven't had an issue. As this is a message from some time ago, it is unlikely you are still looking to solve this.
I do, however, have an issue getting the 443 port to allow enrolments and also client auth to work. Client cert auth works for existing devices, but I can't enrol a new device. I tried setting the client auth to ignore to allow enrolment, but then it breaks, as the policy can't download because it seems it then needs client cert auth.
I tried an iRule to do ssl::renegotiate, but that seems to go through the iRule and then back to CLIENT_CLIENTCERT and then stops, so I can't then re-process my rule to do logging and other URI blocking to the public.
Want to do this without APM if possible but it looks to not be possible.
Note: It also seems ssl::renegotiate isn't compatible with TLSv1.3 either.
If anyone has an iRule that works, I would be very interested.