SSL authentication bypass on XC cloud F5

Question

We have managed engine agent-based application which run over https protocol, every agent has unique self-signed certificate. Normally when connection is got initiated at that time agent certificate is gets authenticate with SSL certificate and connection is successfully established but when we onboarded this on F5 WAF with SSL certificate it is giving 403 http error code, so as per analysis we are getting 403 error code dues to authentication failure.

So, is there any possibility to bypass SSL authentication on F5 XC WAF?

zamroni777 · Answer

you can try this guide.Securing Applications using mTLS Supported by F5 Distributed Cloudit puts information from the client certificate into http custom header.so your app server will need modification to read the header.&nbsp;

ab7 · Answer

the query is for Cloud F5 XC WAF

nikoolayy1 · Answer

If you are doing a decryption on the F5 XC HTTP LB the XC WAF will not block you because of an SSL cert. Maybe review better the reason for the issue.
&nbsp;
You can bypass the WAF also in service policies with more granularity like source IP , HTTP Header and bgp ASN:
&nbsp;
Service Policy | F5 Distributed Cloud Tech Docs

Forum Discussion

SSL authentication bypass on XC cloud F5

Recent Discussions

self-directed requests fail because of no certificate

Decode ObjectSID from Base64-encode string

iRule - Url rewrite and header replace and pool selection not working

ip x-forwarding

F5 ASM API-Protection Policy

Related Content

Reduce Login Friction with F5 Distributed Cloud Authentication Intelligence

ForgeRock with F5 Distributed Cloud (XC) Account Protection and Authentication Intelligence

A complete Multi-Cloud Networking walkthrough with F5 Distributed Cloud

F5 Distributed Cloud - Listener Logic

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS