Forum Discussion
Aug 17, 2017
TLS Client Authentication from Server SSL Profile
Hi all
We have a requirement to enable an outbound (internet) flow from some internal servers. Sitting near the edge of the network is an LTM that will proxy the connection from the servers, and is...
Yann_Desmarest_
Nacreous
Aug 17, 2017Hi,
If you configure TLS Client Authentication on your backend server, you must disable SSL processing on the Virtual Server configured on the BIG-IP. TLS Client Authentication is not passed from clientside to serverside as F5 device doesn't have the private key of the user.
Alternatively, you can apply a valid certificate/key to the SSL Server profile to do client certificate authentication between the bigip device and the backend server. But it's only one certificate for all users.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects