ProxySSL - tracking the client

Question

Consider the following scenario:
A virtual server is defined with a ProxySSL rule to inspect traffic before passing the stream to another virtual server.&nbsp;
Question:
If a connection is inspected, then rejected by the ProxySSL VS for some reason, is there any way to associate the connection with a client other than source IP?  Is there any way to determine the client certificate or the SSL session ID in the ProxySSL VS?&nbsp;

kevin_stewart · Answer

I'm a little confused by your description. ProxySSL, being a man-in-the-middle SSL mechanism, needs a direct client to server SSL negotiation. So do you mean the client is negotiation SSL (through your ProxySSL-enabled VIP) to another physically separate device downstream?

randy_abrams · Answer

Yes I mean the client is negotiation SSL (through a ProxySSL-enabled VIP) to another physically separate device downstream.&nbsp;

Forum Discussion

ProxySSL - tracking the client

Recent Discussions

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Client SSL Profile set to Require Client Certificate breaks RDP in APM

Related Content

Link Tracking

Enhance your Application Security using Client-side signals

Content type tracking

Enhance your Application Security using Client-side signals – Part 2

Upgrade APM edge client

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS