Forum Discussion
Amit_Karnik
Feb 05, 2015Nimbostratus
Ok you can definitely do what you are describing now. Setup your clientssl profile to "Request" instead of "Require" a client certificate.
This way the SSL handshake is successful for both end users which presented a certificate and those who did not.
In the CLIENTSSL_HANDSHAKE event, check if a certificate was presented and it matched any of your policies. Based on those checks setup a flag.
Now you can use the flag in the HTTP_REQUEST event to either provide access or redirect to an info page which tells users what they need.
Best.