Forum Discussion

Joseph_White_20's avatar
Joseph_White_20
Icon for Nimbostratus rankNimbostratus
Oct 01, 2015

TWO-WAY SSL fail with URI redirect

A few years ago we setup two-way SSL, X.509 as our security model for our web applications. All negotiation is handled at the F5. Current date, we have added a new endpoint to our web application that allows Basic Auth. http://example.com/bauth What I"m trying to figure out is this. If the URI contains /bauth, I don't want the two-way SSL to be invoked, I want it to be passed to the web application where it will do the authentication / authorization. If the two-way SSL HAS to be checked, can I perform an action via an irule that says "two way failed, but request has /bauth, so let it through anyway" Thank you in advanced.