Client Certificate Authentication - Exchange 2016 iApp

Question

I have the Exchange 2016 iApp setup and working. I want to configure client certificate authentication for OWA/ECP/ActiveSync, and possibly OA in the future. Has anyone successfully accomplished this within the iApp, or do I need to consider doing a generic SSL passthrough profile of some kind?

keesvandenbos · Answer

Do you use both LTM and APM or LTM only?
&nbsp;And should your exchange server perform the client cert authentication or the BIG-IP?&nbsp;
Cheers,&nbsp;
Kees&nbsp;

cgpearson_37419 · Answer

Just LTM is all we have. The Exchange server will need to do the client certificate authentication.&nbsp;

keesvandenbos · Answer

I would build a simple virtual server on port 443 with source address persist and no SSL off and onloading (So SSL bridging, no ssl profiles and no http profile)&nbsp;
You could use a performance layer 4 virtual server for this.&nbsp;
Cheers,&nbsp;
Kees&nbsp;

Forum Discussion

Client Certificate Authentication - Exchange 2016 iApp

3 Replies

Recent Discussions

CWE-20: Improper Input Validation

monitor a pool that consists of Linux Squid Servers

Reliable resources for identifying IP addresses

VPN fragmented IP packets dropped

Reset cause

Related Content

APM Clientless certificate authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator

BIG-IQ Client Certificate (PKI) Authentication

Automating ACMEv2 Certificate Management on BIG-IP

Doing mTLS Authentication per URL