Use Machine cert for CRLDP ?

Question

Hello All, &nbsp;
 &nbsp;
I am trying to use a machine certificate to accomplish the following which I am hoping is possible;  We need to have use the windows machine cert for authentication the required checks is to first make sure the certificate is not revoked, then extract the SubjectAltName from the cert which contains the computer name then use an LDAP query to verify the computer name is valid. &nbsp;
 &nbsp;
I have an access policy in place to do a machine cert check but when I add CRLDP process after i get the following error:&nbsp;
CRLDP Auth agent: Failure status 'Failed to create cert x509'&nbsp;
 &nbsp;
So I am thinking since it is not an SSL client cert that I would have to do a variable assign but have been unsuccessful so far also cannot find anyway to parse a machine cert with an iRule. &nbsp;
 &nbsp;
Any help on solving this issue would be great &nbsp;
 &nbsp;
thanks in advance, &nbsp;
 &nbsp;
Jason &nbsp;

vandenhoutenp_9 · Answer

Hi Jason,

Did you ever get this working? I'm looking to use a CRLDP to validate machine certificates but I'm not having much luck.

Thanks

Peter

kevin_stewart · Answer

Please see: https://devcentral.f5.com/questions/machine-certificate-revocation-checks&nbsp;

Forum Discussion

Use Machine cert for CRLDP ?

2 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP in https that redirect to another vip in https

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Unblock Request WAF

F5OS login with admin/root failed via console

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Related Content

NGINX Virtual Machine Building with cloud-init

F5 Access App and Machine Cert Auth

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

APM CRLDP

Ubuntu Virtual Machine for NGINX Microservices March 2022 Labs

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS