Forum Discussion

Nimbostratus

Feb 14, 2019

Client Authentication - REQUEST

Can someone provide more detailed information around the workings of the F5 when client authentication is on and set to REQUEST. I am struggling with the use of that setting. We are trying to use t...

Altostratus

Feb 14, 2019

See this article https://support.f5.com/csp/article/K14783

[Below content copied from above article]

The Request setting is often used in conjunction with iRules to provide selective access depending on the certificate presented.

For example, this option is useful if you want to allow clients who present a certificate from the configured trusted CA to gain access to the application, while redirecting clients who do not provide the required certificate are to a page that details the access requirements.

However, if you are not using iRules to enforce a different outcome, depending on the certificate details, there is no functional benefit to using the Request setting instead of the default Ignore setting. In both cases, the system establishes an SSL session, regardless of the certificate presented, and it proxies the connection to the default pool.

Hope this helps!

Forum Discussion

Client Authentication - REQUEST

Recent Discussions

GTM Packet Capture command

How to Implement 2 Way SSL in F5 LTM

BWC iRule

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

Related Content

OCSP: Bad Request

Client Certificate Authentication - QR Codes - Client Request

Selective mutual authentication by HTTP::Host

About client profile (apm-forwarding-client-tcp)

How to disable weak cipher from Client SSL Profile