LarryKluger_307
Jan 25, 2017Nimbostratus
Mutual TLS: accepting sha256 / rsa client certs
We have an F5 setup to use mutual TLS (requesting the client's cert) for some SSL/TLS sites.
The client only has a SHA256 cert. The client can do Mutual TLS with an Apache server but not with the F5 server.
We've traced the problem to the TLS Handshake CERTIFICATE_REQUEST sent by the F5 to the client. It differs from the one sent by the Apache server.
The F5 CERTIFICATE_REQUEST only specs (accepts) one pair of HashAlgorithm / SignatureAlgorithm: 02 01 - sha1 / rsa
==>> How can we set the F5 so it will also accept sha256/rsa client certs?
(I'm an F5 newbie, thanks in advance for providing details.)