Forum Discussion

Nimbostratus

Nov 08, 2012

SSL Client certificate LDAP authentication

I'd like to configure the BIG-IP LTM to authenticate some clients using LDAP authentication. That Clients have a SSL client certificate. This certificate is made from private CA on OpenSSL. ...

config

design

Kevin_Stewart

Employee

Nov 12, 2012

If you're seeing an LDAP query then you've made it past the SSL handshake. In your capture, you should see the successful bind, then the request (query), and a response. The response should show a returned value for the given query, not just success(0). If the LDAP query doesn't return a value, ACA shuts down the connection.

The certificate LDAP mechanism in ACA is wired to extract and match the certificate CN to the LDAP/AD attribute that you specify.

Forum Discussion

SSL Client certificate LDAP authentication

Recent Discussions

How to Implement 2 Way SSL in F5 LTM

Open Redirection Mitigation

Azure DP-100 Exam Questions

GTM Packet Capture command

Wildcard SSL Certificate Deployment on F5 LTM

Related Content

BIG-IQ Client Certificate (PKI) Authentication

Client Authentication with certificate on one URI only

Thumbprint of the client ssl certificate

Doing mTLS Authentication per URL

Slack Mutual TLS Recipe: Adding X-Client-Certificate-SAN header from client certificate