Forum Discussion
ab7
Nimbostratus
NimbostratusSSL authentication bypass on XC cloud F5
We have managed engine agent-based application which run over https protocol, every agent has unique self-signed certificate. Normally when connection is got initiated at that time agent certificate ...
zamroni777
MVP
MVPyou can try this guide.
Securing Applications using mTLS Supported by F5 Distributed Cloud
it puts information from the client certificate into http custom header.
so your app server will need modification to read the header.
ab7Nimbostratus
Nimbostratusthe query is for Cloud F5 XC WAF
- Nikoolayy1
If you are doing a decryption on the F5 XC HTTP LB the XC WAF will not block you because of an SSL cert. Maybe review better the reason for the issue.
You can bypass the WAF also in service policies with more granularity like source IP , HTTP Header and bgp ASN:
