For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

atoth's avatar
atoth
Icon for Cirrus rankCirrus
Nov 13, 2019

Way to pass client cert through vip to the servers.

I've got a customer with a vip set up. This vip has SSL Offloading enabled with a client and serverssl profile enabled on it. He want to have it so his client cert is passed through the vip so that...
application delivery
BIG-IP
iRules
jaikumar_f5's avatar
jaikumar_f5
Icon for Noctilucent rankNoctilucent
Nov 18, 2019

In default scenarios, the serverssl profile which we create does not have the cert in it. The default property is none. So basically the backend server does not perform any authentication for the LTM.

In certain cases, the backend server would require authentication, so we are required to put a cert on the server ssl profile.

 

In your case, since the flow is like a proxy, you can get the client certificate and put it on the server ssl profile.

So when the connections flows, this client cert will be provided by LTM to the backend servers.