Forum Discussion
jondyke_46152
Nimbostratus
Nimbostratuspass through client certificate irule
I am currenlty using the irule below for performing SSL passthrough on traffic. Is there any way I could midify this irule so that it only passed through SSL traffic that has a client certificate at...
Chris_Miller
Altostratus
AltostratusPosted By jondyke on 02/08/2011 05:41 AM
APM would definately sort the issue but there is no budget for this at the moment. The reason we wish to do this is that there is currenlty a project underway where we are creating a new website which will have multiple services. It is desirable to perform offload on this site to allow compression and other irules to be used.
Having a think about this a bit more would it be possible to do the following:-
Offload all SSL traffic with a client profile.
Check the now un-encrypted traffic to see if a client certificate is actually attached.
If there is a client certificate attached re-encrypt the traffic with a server SSL profile and send through to the servers (with the original client certificate included)
If no client certificate attached then pass traffic to pool over http
Thanks again
Jon
I can't think of any reason that wouldn't work. Unless others can think of something?
