SSL VS Redirect to SSL VS with Client Cert Authentication
I'm working on a setup where I need the following behavior:
-
User request url https://website.com on VS1
-
Based on a condition in an iRule on VS1 user is redirected to a VS2 with client based authentication enabled
-
VS2 has an APM policy with On-DemandCertAuth
The result I'm seeing is the second VS uses the website certificate (server profile certificate I guess) as the client certificate in the APM certificate validation step. APM does not use the user certificate!!!
I thought about using the ssl proxy forward feature.
Are there any configuration workarounds to make this work or am I missing something?
If I point the user the APM VS directly the client certificate is processed and everything is working. But I need to go through the first VS to evaluate whether or not to redirect to the second VS.
I have never used the the ssl forwarding proxy feature so not sure it will fulfill the need here.
Ant thoughts?