Forum Discussion

ptate_72056

Nimbostratus

Jul 06, 2011

Client side SSL with client certificate handled elsewhere

Hi All, We have a requirement to receive a request over SSL. The request will contain a client certificate. In our solution we will terminate the SSL request at BigIP as normal but we need t...

config

design

hooleylist

Cirrostratus

Jul 06, 2011

Hi Phill,

TMM can't use the client's cert in an HTTP (or even in an HTTPS) request to the server. HTTP doesn't support client certs. And TMM doesn't have the client's private key to do this via SSL.

You can insert the entire cert base64 encoded or specific cert attributes in a custom HTTP header though. Here's one example:

http://devcentral.f5.com/wiki/default.aspx/iRules/InsertCertInServerHeaders.html

Aaron

Forum Discussion

Client side SSL with client certificate handled elsewhere

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

Intermediate iRules: Handling Strings

Automating ACMEv2 Certificate Management on BIG-IP

Re: Management Certificate

Automate Let's Encrypt Certificates on BIG-IP

Intermediate iRules: Handling Lists