SSO based on Client Certificate

I guess you are referring to client certificate authentication.

https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-authentication-single-sign-on-11-6-0/16.htmlconceptid

I tried the link and it does not work, for what I am trying.

I am trying to use the SAP SSO client. It installs certificates on the user's machines when installing the SAP SSO Client. When you access the application you are presented with the Certificate and all you need to do is acknowledge that the correct one is listed and you are logged in.

If I remove the SSL Profiles on the LTM then it works perfectly, but I have the issue that we wont to be terminating the SSL Connection on the F5 instead of the server. So the minute I enable an SSL Profile the system does not work.

Any ideas on how to get that to work, so that the users presented certificate is accepted and they are logged on without being prompted for Credentials.

Hi Sulaiman,

You need to configure SSL forward proxy.

You may want to refer to the Soln doc on this - https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14783.htmlsubsect3

Implementation doc - https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-ssl-administration-11-5-0/12.html?sr=41398569