Forum Discussion

Nimbostratus

Aug 22, 2011

Electronic ID - user authentication with ocsp

All, I have a problem regarding my BIG IP ASM installation. We have an application that is requesting a certificate to login. This is an Electonic Identity that is issued by our g...

config

design

hooleylist

Cirrostratus

Aug 22, 2011

Hi Jeroen,

Which LTM version are you testing with? Are you enforcing a client cert with OCSP checking for all URIs or selectively? If you remove the OCSP portion of the config does the client cert validation work?

I tested an OCSP iRule for selective cert requesting by URI on v9.4.8:

http://devcentral.f5.com/wiki/iRules.client_cert_request_by_uri_with_ocsp_checking.ashx

You could either use that as an example to add debug logging for your iRule or update it for 10.x to make it CMP compatible.

Aaron

Forum Discussion

Electronic ID - user authentication with ocsp

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

RADIUS server authenticating user with Google Authenticator

DEVCENTRAL END-USER LICENSE AGREEMENT

Doing mTLS Authentication per URL

Application Programming Interface (API) Authentication types simplified

iControl REST Authentication Token Management