Forum Discussion

JoeTheFifth's avatar
JoeTheFifth
Icon for Altostratus rankAltostratus
Mar 07, 2018

SSL VS Redirect to SSL VS with Client Cert Authentication

I'm working on a setup where I need the following behavior:

 

  1. User request url https://website.com on VS1

     

  2. Based on a condition in an iRule on VS1 user is redirected to a VS2 with client based authentication enabled

     

  3. VS2 has an APM policy with On-DemandCertAuth

     

The result I'm seeing is the second VS uses the website certificate (server profile certificate I guess) as the client certificate in the APM certificate validation step. APM does not use the user certificate!!!

 

I thought about using the ssl proxy forward feature.

 

Are there any configuration workarounds to make this work or am I missing something?

 

If I point the user the APM VS directly the client certificate is processed and everything is working. But I need to go through the first VS to evaluate whether or not to redirect to the second VS.

 

I have never used the the ssl forwarding proxy feature so not sure it will fulfill the need here.

 

Ant thoughts?

 

1 Reply

  • What is the condition to redirect the user to VS2?

     

    Do you mean forward or redirect?

     

    Forward is to send the connection to the virtual server.

     

    Redirect is to send back a response to the client with a link to the other virtual server.

     

    Can you share here your irule?