Forum Discussion

Willda71_98408's avatar
Icon for Nimbostratus rankNimbostratus
Sep 28, 2011


Hi there,



First post and I know very little about the F5 big-ip other than we have them. So apologies there




We are looking to implement a solution whereby users must use SSL to access a particular web app if they have the correct client cert. For users who don't have the cert yet we want the solution to automatically revert to use HTTP for this app and continue. We want it to be seamless to the user.




We plan on using the BIG-IP for the SSL termination at the perimeter.




Can the big-ip detect that the users machine doesn't have the cert and redirect to http? Or am I way off course here?






1 Reply

  • You may want to post this topic under the iRule section., that is if your BIG-IP is LTM. I do not see a way to do it without writing an iRule that will detect client cert. If you have APM (Acess Policy Module), then you can easily do it without iRule.