Remote OCSP and CRLDP server SSL cert checking

Question

How do you establish an LTM virtual server with 2-way SSL and remote revocation checking on the server side of a virtual server?
What is the LTM approach and the setup steps for server SSL cert checking using remote OCSP or CRLDP?
Is it similar to setting up client SSL remote OCSP and CRLDP checking? I've found lots of documentation on client SSL but nothing helpful for the server side with respect revocation checking for 2-way SSL. &nbsp;

boneyard · Answer

the server side is somewhat different, you are not receiving a client certificate but sending one (optionally) and receiving a server one. &nbsp;
specially with bigip with you probably own the server then CA check and perhaps CN is enough.&nbsp;
i did have a look at the client side ocsp and crldp stuff and if you go the irule route it seems possible to use the same commands but then in the server side events. sounds like a nice thing to try out.&nbsp;

Forum Discussion

Remote OCSP and CRLDP server SSL cert checking

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Check a Virtual Server's SSL Status

Rseries SCP OS to appliance from remote server

Oracle WebLogic Server – Remote Code Execution (CVE-2020-14882)

Bash script to check if you have a SIP profile attached to a Virtual Server (CVE-2023-22842)

Leaked Credential Check with Advanced WAF