Forum Discussion
This would be the origin server requesting the client certificate? I know for the client side of the connection, you can specify to always require or just once. https://community.f5.com/t5/technical-articles/client-ssl-authentication-on-big-ip-as-in-depth-as-it-can-go/ta-p/281020
"BIG-IP requests client certificate during first handshake and no longer re-authenticates client as long as TLS session is reused and valid.
The way BIG-IP does it is by using Session Resumption/Reuse.
During first TLS handshake from client, BIG-IP sends a Session ID to Client within Server Hello header and in subsequent TLS connections, assuming session ID is still in BIG-IP's cache and client re-sends it back to BIG-IP, then session will be resumed every time client tries to establish a TLS session (respecting cache timeout)."
However, I dont think this is the issue you are articulating. Think you may be after the server side of the connection, where the F5 is tearing down the session once the server resends the client certificate request.