Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

CRLDP Authentication Profile

Hi,

anyone knows how i can configure a HTTP CRL Endpoint (http://crl.internal.com/bla/test.crl) in the authentication profile for CRLDP? I only see the IP/Host and BaseDN options there. Or is the HTTP version only supported with APM itself?

Thanks!

0
Rate this Question
Comments on this Question
Comment made 2 months ago by ictjl 244

I'm searching for the answer to this question too.

0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi Rene C.,

HTTP based CDPs are explicitly not supported by CRLDP based Authentication Profiles...

Note: Using HTTP URLs to define servers in CRLDP authentication for client certificates in BIG-IP LTM is not supported.

Source: https://support.f5.com/csp/article/K12975

You may check out the links below for alternative methods to use and auto-update HTTP based CRLs...

https://devcentral.f5.com/questions/sharing-icall-for-crl-update

https://devcentral.f5.com/codeshare/sample-linux-script-to-update-crl-file-from-certificate-authority

Cheers, Kai

1
Comments on this Answer
Comment made 2 months ago by ictjl 244

Thanks Rene C.,

I was hoping the CRLDP http functionality was available by now (running v13.1.1) especially since it's an option in the LTM CRLDP server configuration.

0