- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiADC - switching between client ssl profiles
Hi. We are migrating from Citrix Netscaler to FortiADC. On the netscaler we had client authentication ssl profile depending on which URL the client accessed, and being able to switch between them depending on what the accessed.
How do we change Client SSL profiles dynamically using the FortiADC scripting ?
Is there a list of internal referenced functions that can be used in the Scripts ? ie. LB::, SSL:: VS::..
On F5 you can do something like this:
when HTTP_REQUEST {
if {[HTTP::uri] starts_with "/uri1" || [HTTP::uri] starts_with "/uri2"} {
if {not [matchclass [IP::remote_addr] equals NOCERT_IP_LIST]} {
SSL::session invalidate
SSL::authenticate always
SSL::authenticate depth 9
SSL::cert mode require
set cmd "SSL::profile /Common/require_clientssl"
eval $cmd
SSL::renegotiate
event disable all
}
}
}
- Labels:
-
FortiADC

Created on ‎07-15-2022 03:11 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
