Forum Discussion

Nimbostratus

Apr 10, 2019

APM On-Demand Cert Auth failure even though cert exists and is valid

I have a multi-path VPE. The first path is for automated systems which are detected based on client ip and take a branch using that logic. I know this path is working because I already have systems u...

application delivery

BIG-IP Access Policy Manager (APM)

ackaljn

Nimbostratus

Apr 10, 2019

I've noticed the session.ssl.cert.valid variable values seem backwards. Pulled from a currently connected session that went through a On-Demand Cert Auth:

session.ssl.cert.exist=1

session.ssl.cert.valid=0

session.ssl.cert.whole contains the entire cert, it should exist if the client presents a cert.

I looked at the default successful branch rule for On-Demand Cert Auth and its "expr { [mcget {session.ssl.cert.valid}] == "0" }"

Forum Discussion

APM On-Demand Cert Auth failure even though cert exists and is valid

Recent Discussions

Rewrite profile statistics in ltm

Need help on i-rule to specific uri path

F5 Distributed cloud Account

Issues with F5 appliance black holeing traffic

BD Key Failed and F5 stucked Offline state after update

Related Content

Monitoring Failure OAuth request

APM Cookbook: On-Demand VPN for iOS Devices

Mitigating OWASP Web Application Risk: Security Logging & Monitoring Failures using F5 XC Platform

BIG-IQ backup failure

Mitigating OWASP Web Application Risk: Identification and Authentication Failures using F5 XC