Forum Discussion

Nimbostratus

Jan 24, 2011

pass through client certificate irule

I am currenlty using the irule below for performing SSL passthrough on traffic. Is there any way I could midify this irule so that it only passed through SSL traffic that has a client certificate at...

Cirrostratus

Jan 24, 2011

Chris, I think you're right that this wouldn't be simple.

Jon, if the servers are currently validating the client cert or credentials, why would you need to check for a client cert on LTM?

I think you either need to do all of the cert validation on LTM with a client SSL profile always enabled, or not try to do it at all on LTM. APM would probably make the cert parsing and validation a lot easier compared with an iRule. But that would require all client SSL be terminated on LTM.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

pass through client certificate irule

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

JSON Web Key Set Endpoint

Related Content

Automating Certificate Management on F5 BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

SSL Client Certification Alert 46 Unknown CA

HTTPS Routing based on Client Certificates values with F5 Distributed Cloud

BIG-IQ Client Certificate (PKI) Authentication

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS