Forum Discussion

Nimbostratus

Dec 04, 2013

SSL Hook command

Hello, Is it possible to invalide a TLS browsing session? i.e. with client using chrome browser and a VIP configured on F5 with client certificate requirement will not ask for client certificate...

Employee

Dec 04, 2013

You can definitely invalidate an SSL session with the SSL::session invalidate command:

https://devcentral.f5.com/wiki/iRules.SSL__session.ashx

But getting the browser to actually prompt more than once is generally not something that can be controlled. Most browsers will remember the last selection and reselect the same certificate if the server requests it repeatedly.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)