Forum Discussion

MarMottE_161214's avatar
MarMottE_161214
Icon for Nimbostratus rankNimbostratus
Jun 18, 2014

client cert inspection doesen't work on IE

Hello all,

 

I try to make a client inspection certificate with the APM module, but when i try to access the website it's not working.

 

The web browser present the certificate but after I can't reach the servers with the client certificate as request.

 

When I make client certificate as Require, iI can't reach the servers and I take the fallback rule in my policy

 

Do you have an idea ?

 

My APM policy is

 

Start -> Client cert Inspection -> Logon Page -> AD AUTH -> SSO Credential mapping -> SSO Domain assign -> Allow

 

Thanks in advance

 

APM
application delivery
LTM
security

2 Replies

Sort By
  • Cody_Green's avatar
    Cody_Green
    Icon for Employee rankEmployee
    Jun 21, 2014

    What do your client authentication parameters look like? You need to have Client Certificate set to request and the trusted certificate authorities set to the CA that signed the client certificate.

     

    Check out my post on iOS Per app VPN under the Configuration section, it covers this configuration.

     

  • MarMottE_161214's avatar
    MarMottE_161214
    Icon for Nimbostratus rankNimbostratus
    Jun 23, 2014

    Hi Cody,

     

    I have the same configuration and Client certificate as Request.

     

    With this configuration it's working but if there is not certificate on the client computer it is still allowed to connect to servers in back. And I want to restricted access to the node server if the certificate is not present on the computer

     

    I have try to make Client certificate as Require but with this configuration it"s not working the flow take the fallback rules directly and I have the error message : Internet explorer can't display this page.