bylie
Aug 08, 2019Nimbostratus
F5 SSL VPN machine cert check rules
Hi,
We're migrating to a new MS PKI and were wondering how the F5 SSL VPN client handles multiple local machine certs. Is there any overview of what the rules are in this case when not using any of the issuer, serial number, ... filtering? For example:
- When 2 valid machine certs are available which one gets picked?
- When 2 machine certs are available but one is expired does the expired one get picked or will the client ignore it?