Prompt for certificates APM
My scenario:
I am attempting to prompt the user for the certificates he wishes to use to authenticate himself to my application. From the certificate, all that I care about is the username that is within it, e.g. CN=joeBob. My plan is then:
1) User inserts CAC
2) F5 prompts for certificates
3) Parse certificate and grab out username
4) Do some AD query with that username
I am stuck on the first part of the problem, step 2, where I cannot seem to prompt the user for a certificate. Here is what my APM policy looks like:
On-Demand Cert Auth is set to 'Require'
My virtual server is set to use a tomcat client cert and the default ssl cert for the server. (I am doing this as the client cert being presented to the user is from the application server hosting my application. The user should still validate that they are connecting to the right place.) And the default ssl cert is the one I am using to ensure traffic is encrypted between tomcat and F5.
Here is a picture of what my client profile looks like:
The problem: By using this combo, the user is never prompted to select the certificates that they wish to identify with. What am I doing wrong?