Forum Discussion
hooleylist
Aug 19, 2009Cirrostratus
It would be good to upgrade to the latest 9.4.x version, 9.4.7 as there have been a number of important fixes since 9.4.4. For OCSP validation of the client cert, there is a default OCSP verification iRule provided. You can reference that for ideas to start with. Once I have a working version I can post that as well.
You may also want to change the cert mode from require to request so you can gracefully handle client requests which don't include a cert.
Aaron