Forum Discussion

Altostratus

Apr 15, 2014

SSL client certificate authentication frequency and SSL Session ID

Hi, I'm trying to write a very simple iRule to insert SSL Session ID value in HTTP request header. I require the client authentication in the Virtual Server sslclient profile and I've noticed t...

ssl client authentication

ssl::sessionid

nitass

Employee

Apr 15, 2014

Can anyone explain why the SSL Session ID is empty or has a value depending on the client authentication frequency parameter?

i understand null session id is used because bigip requires client authentication fro each connection (always).

The server may return an empty session_id to indicate that the session will not be cached and therefore cannot be resumed.

The TLS Protocol Version 1.0

https://www.ietf.org/rfc/rfc2246.txt

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SSL client certificate authentication frequency and SSL Session ID

Recent Discussions

unable to question about getting hsl data to be formatted properly in splunk

question about getting hsl data to be formatted properly in splunk

Problem with lets encrypt and redirect after update

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

REST API to download License JSON report?

Related Content

APM Clientless certificate authentication

BIG-IQ Client Certificate (PKI) Authentication

Automating ACMEv2 Certificate Management on BIG-IP

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

Doing mTLS Authentication per URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS