F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Icon for Cirrostratus rank

Cirrostratus

Mar 10, 2016

Setting up CAS server with certificate based authentication

Hi All, Does anyone tried to use this or tried to done this kind of setup. When I use the client and server ssl profile it always fail, but when I removed both client and server ssl profile...

application delivery

Icon for Cirrus rank

Cirrus

Mar 11, 2016

Hello,

This is a common scenario where you configure client cert authentication on the F5 VIP protecting the pool of CAS servers.

The client cert auth is feasible using LTM only by correctly setting up a client ssl profile.

But the Web SSO feature require APM module. If you ask only client certificate, so you must configure Kerberos Delegation on the BIG-IP and activate Kerberos authentication on the CAS servers.

I suggest you to add the UPN or the e-mail address of the user within the certificate so that by doing an AD query, you can retrieve all required attributes.

Icon for Cirrostratus rank

Cirrostratus

Apr 17, 2016

Yann Hi, May I know if can do this using LTM only? As you said I just need to configure client SSL correctly.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

Community Articles

application delivery

container ingress services

F5 Architecture Track Sessions - AppWorld 2026

DevCentral News

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5