irule for cn value client certificate authentication

Question

Hi,
We are doing client certificate authentication using client ssl profile with request setting and it is working. We want to achieve following (requirement is little weired) - &nbsp;
Anyone coming without client certificate, should be able to connectAny client who presents its certificate to server should be able to connect only if it has specific CN.
The point2 would require the irule otherwise clients with any CN would be able to connect.&nbsp;
Thanks&nbsp;

ekaleido · Answer

What's the point? If they present a bad certificate they could just stop sending a certificate and be able to get in. And checking the CN is not a very secure thing to check since it could be a faked value. You could potentially give a malicious person access to something you're trying to protect.

Forum Discussion

irule for cn value client certificate authentication

1 Reply

Recent Discussions

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Related Content

BIG-IQ Client Certificate (PKI) Authentication

SSL Profiles Part 8: Client Authentication

Thumbprint of the client ssl certificate

APM Clientless certificate authentication

F5 BIG-IP Access Policy Manager (APM) - Google Authenticator and Microsoft Authenticator