Forum Discussion

Nimbostratus

Aug 11, 2009

bypassing client authentication

i've got a virtual server listening on 443 which uses both a certificate for SSL and also requires client authentication. this works fine i've now been informed of another set of users ...

config

design

hooleylist

Cirrostratus

Aug 14, 2009

I think you could start with something like this:

 
 when CLIENTSSL_HANDSHAKE { 
   if { [SSL::cert count] > 0 } { 
     HTTP::release 
   } 
 } 
  
 when HTTP_REQUEST { 
   if {not ([HTTP::uri] starts_with "/abc/") } { 
     if {[SSL::cert count] == 0} { 
       HTTP::collect 
       SSL::authenticate always 
       SSL::authenticate depth 9 
       SSL::cert mode require 
       SSL::renegotiate 
     } 
   } 
 }

Aaron

Forum Discussion

bypassing client authentication

Recent Discussions

Wildcard SSL Certificate Deployment on F5 LTM

URL

Big-IP Next 20.2.0-2.375.1+0.0.43 iRule count problem

Problems connecting to vpn after upgrading to ubuntu 24.04

iRule resulting in too many redirects

Related Content

Doing mTLS Authentication per URL

BIG-IQ Client Certificate (PKI) Authentication

Selective Client Cert Authentication

Application Programming Interface (API) Authentication types simplified

iControl REST Authentication Token Management