ASM Web Services Security Implementation
Hello,
I am implementing a web services using server certificate (public and private keys) and client certificate (public). running version 12.1.2 hf1
if I use the server certificate only with in the request->action->decrypt it works but if I used sign and decrypt with client cert I get the below error when calling a function where the asm blocks the request since I am learning/blocking all settings in the "learn and block settings" ................... Click to view description Verification ErrorVerification error, signature value is wrong Click to view description Verification ErrorVerification error, wrong element digest the underlying crypto library failed to perform signature verification. ..................
1- so can anyone please advice if someone has implemented such configuration? 2- how can we troubleshoot this scenario/issue. we used to take tcpdump/ssldump on the LTM level to troubleshoot ssl (server or client certs)issues. but now it seems we need to take capture on the ASM level! if I am correct, how can I troubleshoot such scenario?
Regards, George