URI based client SSL authentication

Question

Hi Guys,&nbsp;I need to implement the following:&nbsp;The customer runs a bunch of applications on the same virtual server, differenciated by the URI, as follows:&nbsp;&nbsp;&nbsp;https://customer.net/app1/&nbsp;https://customer.net/app2/
&nbsp;https://customer.net/app3/
&nbsp;&nbsp;&nbsp;Now, the customer wants to ensure that access to app1 and app2 is publically available, but access to app3 is restricted to a single client IP address (easy) and calls for client authentication via SSL certificate (difficult). &nbsp;I suppose I'm running into some kind of hen/egg problem here, needing to complete the SSL handshake before being able to decrypt the URI... Any idea how to solve this?&nbsp;I thought about dynamically changing the SSL profile when the URI /app3/ is being called and then force the client to re-connect. How would I put that into iRule code? &nbsp;Many thanks in advance!&nbsp;&nbsp;&nbsp;Greetings&nbsp;Martin&nbsp;&nbsp;

nitass · Answer

is this applicable? 
&nbsp;  
&nbsp; Selective Client Cert Authentication by Colin 
&nbsp; http://devcentral.f5.com/Tutorials/TechTips/tabid/63/articleType/ArticleView/articleId/219/Selective-Client-Cert-Authentication.aspx

Forum Discussion

URI based client SSL authentication

Recent Discussions

I used the wrong email account when take Application Delivery Exam (101)

F5 iControl REST API - viewBy Parameter Issue in Analytics Report

'F5 rules for AWS WAF' ruleset not working for jsp web shell attack

Disable ssl or https for the embed url

did not show checkbox on chrome while access through f5

Related Content

iRule based RADIUS Client Stack

BIG-IQ Client Certificate (PKI) Authentication

Selective Client Cert Authentication

Request client cert auth based on URL

Filtering traffic based on client ip address and URL

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS