Passing SSL cert to back end servers

Question

We will be doing two way SSL on the F5.  That is once our clinets accept our ssl cert, they will also require us to present their ssl client cert which I have installed.  The question here is:&nbsp;
&nbsp;How do I then send their SSL cert to my web serves that are part of a POOL?&nbsp;
&nbsp;Thanks,
&nbsp;Jeff

colin_walker_12 · Answer

This forum is intended for discussion regarding iRules, not general product support.&nbsp;
&nbsp;I would say, however, that if you're looking to re-encrypt data on the back end of the connection, you'll want to start playing with Server SSL Profiles. As to which cert to send the servers, that's up to you.&nbsp;
&nbsp;Colin

jeff_morrison_4 · Answer

Thanks Colin,&nbsp;
&nbsp;The traffic between the F5 and the backend servers is not encrypted.  What I need to do is pass the clients ssl cert to the backend server.

colin_walker_12 · Answer

Well, you could certainly insert the contents of the cert back into an HTTP header and pass it along with the request to the back end servers and have them pull out the information. I know there are a couple good examples of that here in the forums.&nbsp;
&nbsp;Colin

Forum Discussion

Passing SSL cert to back end servers

3 Replies

Welcome! a la Communidad DevCentral LATAM de F5!

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

Recent Discussions

Scenarios where Service Policy should be used over iRule and Vice versa

Issue on connection limit

Request logging: some fields not recorded

ASM Sec-CH-UA-Full-Version-List backquote in Header

F5 Distributed Cloud Services Simulator Connect

Related Content

Passing Client CAC / Smart Card Cert to Application Server

Free Passes to AppWorld 2025 – First Come, First Served!

iRule: passing client cert to node

Passing Arguments to iCall Scripts

Integrating Hashicorp Vault with Cert Manager and F5 NGINX Ingress Controller

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS