CLIENT CERT INSPECTION ROLE
what does client cert inspection box does exactly?
can someone please explain me step by step ?
I have done my research and below is my undersntanding - please validate and answer queries
In client ssl profile > client authentication > we have selected request by keeping the same root certificate under Trusted and Advertised certificate authorities.
what is the importance of Trusted Certificate Authorities ?
what is the importance of Advertised Certificate Authorities ?
Now I am assuming due to this setting F5 is requesting for the user certificate from a laptop when latop tries to connect BIG IP Edge client (VIP)
in return laptop is providing F5 with a user certificate which is being checked by CLIENT CERT INSPECTION?
what certificate and what part of that certificate is being validated by CLIENT CERT INSPECTION? how?
this check is executing successfully for us - but I really want to know what makes it successfull - to understand the need for this check..
by the logging box with session variable Client Cert = sessoin.ssl* > we are reading many details of the user certificate from the laptop.
but as per the link https://support.f5.com/csp/article/K81201333,
log entry 'Jun 29 09:25:33 lb-abc notice apmd[15315]: 01490113:5: /xyz/pqr:lmno:7678db50: session.ssl.cert.valid is 0'
certificate validity, signature, issuer etc all ok? against what it is being validated?
pardon me, i am new to all certificate stuff and apm as well :(