Forum Discussion

Nimbostratus

Dec 18, 2014

Certificate based user authentication to F5 APM

We are in need to test CBA authentication to F5 using PKI tokens. Instead of proving AD username and password, user inserts his token(Having user certificate) to client machine and provides pin to th...

BIG-IP Access Policy Manager (APM)

security

amolari

Cirrus

Dec 18, 2014

F5 will be able to check the user certificate but in no way if it's on a token or not (this "info" is not available at all in the communication). Here it's a PKI policy that helps. You should either have

certificates on token are issued by a specific CA (higher assurance): the APM will check only client certs issued by that CA
certificates on token have specific properties: the APM can check this properties (that will require an iRule)

Hopefully you have already deployed you certificates in a way that you can apply either 1) or 2)

Forum Discussion

Certificate based user authentication to F5 APM

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Demystifying iControl REST Part 6: Token-Based Authentication

BIG-IQ Client Certificate (PKI) Authentication

Doing mTLS Authentication per URL

Re: Management Certificate

Client Authentication with certificate on one URI only