Forum Discussion
hooleylist
Aug 22, 2011Cirrostratus
Hi Jeroen,
Which LTM version are you testing with? Are you enforcing a client cert with OCSP checking for all URIs or selectively? If you remove the OCSP portion of the config does the client cert validation work?
I tested an OCSP iRule for selective cert requesting by URI on v9.4.8:
http://devcentral.f5.com/wiki/iRules.client_cert_request_by_uri_with_ocsp_checking.ashx
You could either use that as an example to add debug logging for your iRule or update it for 10.x to make it CMP compatible.
Aaron