Forum Discussion

Nimbostratus

Mar 10, 2005

Requiring an SSL Certificate for Parts of an Application and HTTP::header insert..

Hi! I have problems inserting SSL client x509 certificate information into HTTP::header's when client SSL certificate is required only for certain parts of an application (https virtual...

Nimbostratus

Mar 10, 2005

I had the HTTP::redirect in mind, but I think it can be little

dangerous as it is not guaranteed that the client would re-use the

SSL session.

The HTTP::redirect loop could be avoided by adding some artificial request parameter to indicate that this 'ssl-renegotiate-workaround=1' BUT as the

original HTTP request method for /needcert might be a POST its starting to

get nasty if we need to include those POST http-request paramaters into the same HTTP::redirect 'Location: ' headers as well..

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Requiring an SSL Certificate for Parts of an Application and HTTP::header insert..

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Introducing the F5 Application Study Tool (AST)

(HTTP) Redirection via Arbitrary Host Header

Log Http Headers

Automating Certificate Management on F5 BIG-IP

Insert Client Certificate In Serverside HTTP Headers

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS