Forum Discussion

Martin_Kaiser_1's avatar
Icon for Nimbostratus rankNimbostratus
Jan 12, 2012

URI based client SSL authentication

Hi Guys,


I need to implement the following:


The customer runs a bunch of applications on the same virtual server, differenciated by the URI, as follows:




Now, the customer wants to ensure that access to app1 and app2 is publically available, but access to app3 is restricted to a single client IP address (easy) and calls for client authentication via SSL certificate (difficult).


I suppose I'm running into some kind of hen/egg problem here, needing to complete the SSL handshake before being able to decrypt the URI... Any idea how to solve this?


I thought about dynamically changing the SSL profile when the URI /app3/ is being called and then force the client to re-connect. How would I put that into iRule code?


Many thanks in advance!









1 Reply

  • is this applicable?



    Selective Client Cert Authentication by Colin