SSL Profiles Part 8: Client Authentication
Updated Mar 25, 2023
Version 3.0Was this article helpful?
Hi Daniel...great question! Yes, if you install a certificate signed by a CA (like DigiCert), then clients with that signed certificate would be able to connect. The BIG-IP would effectively be told to accept connections from a signed DigiCert (or whatever you use) certificate. You could move back to the self signed cert if you want. But, I'm wondering if there's another solution for accepting clients. Maybe you could try other options rather than having to use Client Authentication? Obviously I don't know all the details of your setup, but I'm just thinking there might be some other ways to accept some clients and not others. Do you have ASM running by chance?