Cliente certificates under a specific URL

Unanswered Question
Jul 17th, 2009
User Badges:

Hi friends, hope somebody can advise me on this request.

We have a which is LB some web servers behind. All content on our site is served under SSL (this is a must).

We would like to use a specific URL to ask for client certificates under a specific subdirectory (cert), something like this:

So, everything else is using normal SSL, but all from /cert is erquired to use client certificates.

(btw, subdomains is not an option for us)

Is this possible using a CSS?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Smith3III Thu, 07/23/2009 - 23:26
User Badges:

What I mean is if CSS can restrict SSL access to a specific URL instead of using a subdomain (ie: normal website, ssl active only

Someboy told me it is possible using some kind of redirects, but honestly, I cannot find any example about that (protect directory)...

thank so much

Gilles Dufour Wed, 07/29/2009 - 03:52
User Badges:
  • Cisco Employee,

yes this is possible.

You create 2 content rulea to catch the decrypted traffic.

One is the generic rule to catch everything and the other one is specific to catch /secure/*.

For the /secure/* you simply loadbalance to the server and keep the connection encrypted.

For the generic rule, you create a web redirect service to send the client back to http://.... instead of httpS://

You do the same on the port 80 (cleartext) traffic but you redirect /secure/* to https and continue the connection in cleartext for the generic rule.

There are multiple examples of CSS redirect configuration on our website.



This Discussion