Mutually Authenticated SSL

For CloudFoundry applications, if you need a mutually authenticated SSL, here are some notes on how that’s done.

Traditionally you might “pull the ssl cert” all the way down into the application container, like is done in an application server farm, old school. With Stackato, usually you have a load balancer deployed which handles VIP traffic for the cluster.

Specifically with you F5 LTMs, you have access to a Client SSL profile which can implement these enforcements around the client offered certification. You can configure the Trusted CA, the specific certificate which the LTM will accept for that particular Virtual Server configuration on the LTM.

The links below reference configuration documentation to setup these Client SSL Profiles:

One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.