Forum Discussion

Nimbostratus

Sep 27, 2013

Two way SSL problems with APM on BIGIP

Receiving ssl_shim_vfycert:2461 when attempting two way ssl authentication. Does anyone know the underlying cause of this message or where I can find an error reference?

ssl client authentication

Kevin_Stewart

Employee

Oct 10, 2013

If I click cancel and don't present a cert I can get to the resource if on-demand cert is not part of the access policy

This part is confusing. Earlier you stated "The on-demand cert in access policy is set to require and client ssl cert is set to ignore in the ssl_client profile".

So just to be clear, the certificate authentication option in the client SSL profile needs to be set to ignore to use the APM Cert Auth agent. The Trusted Certificate Authority option in the client SSL profile should be selected with the appropriate CA certificate(s) to validate client certificates. You shouldn't (normally) need anything else in the client SSL profile.

Forum Discussion

Two way SSL problems with APM on BIGIP

Recent Discussions

HIGHLY RECOMMENDED LOST CRYPTOCURRENCY RECOVERY SERVICE/ DIGITAL TECH GUARD RECOEVRY

Help with an I-rule rewrite

When adding new GTM(DNS) to the existing group, if software version is not same, what will happen?

Keep encoding when request is handled by irule

Application drop down menus does not work behind F5 APM Portal Access

Related Content

Re: BigIP Report

BigIP Report Old

Integrating the F5 BIGIP with Azure Sentinel

Securing APIs with BigIP

F5 BIGIP WAF AND F5 DNS